Mark Russinovich and malware detection and removal video

This may already have been posted:
http://www.microsoft.com/emea/itsshowtime/sessionh.aspx?videoid=359

Direct link to MR presentation only with no MS log in pfaffing
http://msexp.streamnavig.com/msexp/...=0369_en&uid=0006400080C7E62F&lng=en&cou=emea

Video presentation of MR and malware primer.
Good Excellent watching and good utd precis
Excellent tutorials about sysinternal's tools.

Some other good stuff also for low level users like me.


(need IE to make it work)

Some of it pretty unnerving.

Gmer gets a good mention !

Watch out for the steam coming out of EP-XOFF ears.
A bit strange that RkU didn't get a mention?

Rest of the show: http://www.microsoft.com/emea/itsshowtime/result_search.aspx?event=49

 

If you asking me, I don't care Perhaps Mark never tried my/gmer tools to do compare.

 

Hello EP
It's a real shame he didn't refer to RkU.
Wonder when he wrote that presentation?

It's not like you are invisible at Sysinternals Forums

I had to laugh when I noticed he was using VMWare not Virtual PC: he does mention that he would've if he could've

 

There is alot he could of mentioned but didn't - doesnt really matter , he also says if you suspect a rootkit to run as many different antirootkit tools as you can as there isnt a universial tool. One tool he mentioned that I use and use also to look for stealth is Windbg - free download from MS.

edit : yeah he used VMWare because of its snap-shots.

 

I've purchased Administrator's Pak and other and attended seminar from Winternals in the past and would recommend anyone to have a look at the free tools from Sysinternals and look at this even if just to see how the free programs Process Explorer and Autoruns can be used to help in administrating a system, and if you already use the tools you may learn something new.