Showing posts from 2018

Scan for Rootkits using Kaspersky TDSSKiller and GMER.

Rootkits can be deeply embedded into a system, and can even avoid scans from a system's default antivirus software.  To this end, we shall explore some methods of scanning for rootkits using two different scanners. First: Kaspersky TDSSKiller link: At the link above you can find the application in particular.  Setup instructions are found on the page, as well as a list of specific applications that TDSSKiller fights. After accepting the EULA and KSN statement, be sure to click on Change Parameters, and include Loaded Modules in your scan.  A reboot will be necessary at this time. After the reboot, run the scan.  The following is what you want to see: This window means that the application was not able to find a rootkit on the system scanned.  Little surprise in this case, as it is running in a fresh virtual machine.  Next: GMER link: The link above will take you to the GMER website, where an