Discussion in 'other software & services' started by <DreamCatcher>, Apr 13, 2006.

Thread Status:
Not open for further replies.
  1. <DreamCatcher>

    <DreamCatcher> Registered Member


    Hi I recently came across this program 'Rootkitty' while i was looking for plugins for my BART PE disc.

    Heres a desciption:

    RootKitty is a very simple utility that makes a file listing when running from windows and a file listing from PE/ubcd4win then compares the two files and shows you the differences (looking for rootkits).

    Has anyone used this before?
  2. Mrkvonic

    Mrkvonic Linux Systems Expert

    I did try it, but didn't find anything remarkable or special. Supposedly, you're supposed to see difference between a file running normal payload and stealthy payload.
    Alternatively, you can just browse for unknown files and folders while booted from CD, because them the stealthy rootkits thingies will be unveiled just like normal files and folders. It does help to know where to focus your efforts, since there can be a whole load of files on a pc.
Thread Status:
Not open for further replies.