Mark Russinovich and malware detection and removal video

Discussion in 'other security issues & news' started by Longboard, Jan 1, 2007.

Thread Status:
Not open for further replies.
  1. Longboard

    Longboard Registered Member

    Joined: Oct 2, 2004
    Posts: 3,187
    Location: Sydney, Australia

    This may already have been posted:
    http://www.microsoft.com/emea/itsshowtime/sessionh.aspx?videoid=359

    Direct link to MR presentation only with no MS log in pfaffing
    http://msexp.streamnavig.com/msexp/...=0369_en&uid=0006400080C7E62F&lng=en&cou=emea

    Video presentation of MR and malware primer.
    Good Excellent watching and good utd precis
    Excellent tutorials about Sysinternals tools.

    Some other good stuff also for low level users like me.


    (need IE to make it work)

    Some of it pretty unnerving. :(

    Gmer gets a good mention !

    Watch out for the steam coming out of EP_X0FF's ears. :eek:
    A bit strange that RkU didn't get a mention?

    Rest of the show: http://www.microsoft.com/emea/itsshowtime/result_search.aspx?event=49
     
    Last edited: Jan 1, 2007
  2. EP_X0FF

    EP_X0FF Registered Member

    Joined: Nov 8, 2006
    Posts: 233
  3. Longboard

    Longboard Registered Member

    Joined: Oct 2, 2004
    Posts: 3,187
    Location: Sydney, Australia

    Hello EP
    It's a real shame he didn't refer to RkU.
    Wonder when he wrote that presentation?

    It's not like you are invisible at Sysinternals Forums :D

    I had to laugh when I noticed he was using VMWare not Virtual PC: he does mention that he would've if he could've :ouch:
     
  4. Meriadoc

    Meriadoc Registered Member

    Joined: Mar 28, 2006
    Posts: 2,642
    Location: Cymru

    There is a lot he could have mentioned but didn't - doesn't really matter :) , he also says if you suspect a rootkit to run as many different antirootkit tools as you can as there isn't a universal tool. One tool he mentioned that I use and use also to look for stealth is WinDbg - free download from MS.

    edit : yeah he used VMWare because of its snap-shots.
     
  5. Meriadoc

    Meriadoc Registered Member

    Joined: Mar 28, 2006
    Posts: 2,642
    Location: Cymru

    I've purchased Administrator's Pak and others and attended a seminar from Winternals in the past and would recommend anyone to have a look at the free tools from Sysinternals and look at this even if just to see how the free programs Process Explorer and Autoruns can be used to help in administrating a system, and if you already use the tools you may learn something new.
     