Scan for Rootkits using Kaspersky TDSSKiller and GMER.

Rootkits can be deeply embedded in a system and can even evade scans by the system's default antivirus software. To this end, we shall explore some methods of scanning for rootkits using two different scanners.

First: Kaspersky TDSSKiller


At the link above you can find the application itself. Setup instructions are found on that page, as well as a list of the specific threat families that TDSSKiller targets.

After accepting the EULA and KSN statement, be sure to click on Change Parameters and include Loaded Modules in your scan. A reboot will be necessary at this point.

After the reboot, run the scan.  The following is what you want to see:

This window means that the application was not able to find a rootkit on the scanned system. Little surprise in this case, as it is running in a fresh virtual machine.

Next: GMER

The link above will take you to the GMER website, where an image of what it would look l…