Quote:
Originally Posted by mbpark
Anti-rootkit technology is nothing more than AV technology that scans for the API hooks that rootkits use to cloak themselves. It's effective a good portion of the time, but I've seen rootkits get past the Sysinternals tool (Rootkit Revealer).
Other than appropriate software, any symptoms to detect or suspect a rootkit? For example, IP activity? Unexplained processes? Excessive CPU time? Unexplained disk activity? Disabled functions? Registry entries?
Never looked at Sysinternals Rootkit Revealer because I never saw any reason to need it.