How use IceSword to detect rootkit?

Discussion in 'other anti-trojan software' started by timepiece, Oct 14, 2005.

Thread Status:
Not open for further replies.
  1. timepiece

    timepiece Guest

    Can someone explain to me how i can use IceSword (English version) to detect rootkits? Where do I start? This program doesn't seem as straight foward as something like Unhackme, which will tell you right away if you have a rootkit.

    It seem like with IceSword you really have to know what your doing to find a rootkit. Can anyone help me to understand how to use IceSword to find out if I have a rootkit or not?

    For example should I look under KernelModule, SPI, Win32 Services, Message Hooks, or something else to see if I have a rootkit? How do I know if IceSword has actually found a rootkit or not?

    Thanks very much if anyone can help.
  2. Notok

    Notok Registered Member

    May 28, 2004
    Portland, OR (USA)
    IceSword just shows you program components in memory, it won't actually tell you if you are infected or not. So yes, you do need to know what you're looking for. If you don't, you're probably better off with something like UnHackMe. If you have reason to believe that you have been infected by a rootkit, you can contact the makers of your existing security software and they may be able to help you.
Thread Status:
Not open for further replies.