Linux Format forums Forum Index Linux Format forums
Help, discussion, magazine feedback and more
 

DEFT - rkhunter - rootkit search on windows machine

 
dickiemint5



Joined: Tue Apr 28, 2009 5:09 pm
Posts: 6
Location: Gloucester

Posted: Tue Feb 23, 2010 2:44 pm    Post subject: DEFT - rkhunter - rootkit search on windows machine

Hello. Is there a way of pointing rkhunter, as found on the DEFT live cd, to search on the 'C' partition of a windows machine?
rkhunter is CLI driven, and I am next to useless at the command line. The same cd has clamtk as a windowed front end to clamav, which I can get to work fine.
In other words, command line help for rkhunter please.
Cheers
Dick
nelz
Site admin


Joined: Mon Apr 04, 2005 12:52 pm
Posts: 8457
Location: Warrington, UK

Posted: Tue Feb 23, 2010 3:08 pm

No, because rkhunter is designed to test the currently running Unix-alike OS. You can have it check another supported OS with the --rootdir option, but not a Windows directory.
_________________
"Insanity: doing the same thing over and over again and expecting different results." (Albert Einstein)
dickiemint5



Joined: Tue Apr 28, 2009 5:09 pm
Posts: 6
Location: Gloucester

Posted: Tue Feb 23, 2010 4:56 pm    Post subject: Thanks

Thanks for that reply. Explains why I cannot do it then.
Do you know of anything that will search for rootkits on a machine which is NOT running its installed OS?
Cheers
Dick
nelz
Site admin


Joined: Mon Apr 04, 2005 12:52 pm
Posts: 8457
Location: Warrington, UK

Posted: Tue Feb 23, 2010 7:23 pm

rkhunter will do that, but only for *nix OSes. Have you tried googling for Windows rootkit?
_________________
"Insanity: doing the same thing over and over again and expecting different results." (Albert Einstein)
dickiemint5



Joined: Tue Apr 28, 2009 5:09 pm
Posts: 6
Location: Gloucester

Posted: Wed Feb 24, 2010 8:32 pm    Post subject: Windows rootkit finders

Thanks again nelz. Yes I have tried, but it gets confusing. Tried a Microsoft 'revealer', and did not know what I was looking at. Tried Prevexcsi, which told me I had a virus which was not!
I shall have to take time to learn how to make a simple Ubuntu CD with at least Clamtk, so that I can virus check an OS without running same.
In case you are wondering, I look after a Vista 32bit PC, which was running happily for some 3 years with no faults. Then a month ago it started to go slow. I found that around 85% of its 1 GB RAM was being used, and that swapping the page file to HD was slowing the machine down considerably. I suspect a virus, but AVG et al shows nowt.
But that is not a subject for this forum.
Thanks again for your replies.
Dick
paulm
LXF regular


Joined: Mon Apr 03, 2006 5:53 am
Posts: 242
Location: Oxfordshire, UK

Posted: Wed Feb 24, 2010 9:52 pm    Post subject: Re: Windows rootkit finders

dickiemint5 wrote:
I shall have to take time to learn how to make a simple ubuntu cd with at least Clamtk, so that I can virus check an OS without running same.


While doing so might be a good exercise from an educational point of view, in terms of what you are looking for, it's a lot of unnecessary work.

Download and burn a copy of SystemRescueCD:

http://www.sysresccd.org/Main_Page

That will give you everything you need not only to scan a M$ computer for virus problems, but to remove passwords, back up, rescue files from a non-booting M$ operating system, etc.

Anyone who has to deal with the endless problems Windows comes up with should not be without a copy....

I often find myself amused by the fact that people who will not look at Linux often owe the continued operation of their 'superior' Windows machine to Linux.

Paul.
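
An added example, not part of the original posts: one way to "virus check an OS without running same" from a live CD is to mount the Windows partition read-only and run clamscan over it. The script below only prints the commands for each NTFS partition it finds; it assumes the live CD provides ntfs-3g and clamscan, and the device names and labels in the sample are constructed.

```shell
#!/bin/sh
# Added example: plan a read-only ClamAV scan of Windows (NTFS) partitions
# from a Linux live CD. It only prints commands; nothing is mounted here.

# Constructed sample of `blkid` output (not taken from a real machine).
SAMPLE_BLKID='/dev/sda1: LABEL="Recovery" UUID="1111AAAA2222BBBB" TYPE="ntfs"
/dev/sda2: LABEL="Vista" UUID="3333CCCC4444DDDD" TYPE="ntfs"
/dev/sda3: UUID="5555eeee-6666-ffff" TYPE="swap"
/dev/sdb1: LABEL="DEFT" TYPE="iso9660"'

# ntfs_partitions: read blkid-style lines on stdin, print NTFS device names.
ntfs_partitions() {
    sed -n 's/^\([^:]*\):.* TYPE="ntfs".*$/\1/p'
}

# plan_scan DEVICE: print the commands that scan one partition read-only.
plan_scan() {
    dev=$1
    name=$(basename "$dev")
    mnt="/mnt/$name"
    echo "mkdir -p $mnt"
    # ro: the suspect filesystem is never written to while it is examined
    echo "mount -t ntfs-3g -o ro $dev $mnt"
    # -r recurse, -i list infected files only; the log stays on the live system
    echo "clamscan -r -i --log=/tmp/clamscan-$name.log $mnt"
    echo "umount $mnt"
}

# plan_all: one plan per NTFS partition found in the blkid text on stdin.
plan_all() {
    ntfs_partitions | while read -r dev; do
        plan_scan "$dev"
    done
}

if [ "${1:-}" = "--live" ]; then
    blkid | plan_all                           # this machine's partitions (run as root)
else
    printf '%s\n' "$SAMPLE_BLKID" | plan_all   # constructed sample
fi
```

Run it with --live as root on the live CD to get the commands for the real disk, then run those commands one at a time. clamscan matches known malware signatures; it does not perform the system checks rkhunter makes on a *nix install.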
dickiemint5



Joined: Tue Apr 28, 2009 5:09 pm
Posts: 6
Location: Gloucester

Posted: Thu Feb 25, 2010 10:28 am    Post subject: SystemRescueCD

Thanks for replying. I currently use Mint 8 as a desktop machine for all 'office' and internet work, so I am not against Linux, but rather very much for it. It is the command line I always have trouble with, and most advice is given with a command line example, and these days my pensioner brain struggles!!!
I will now have a learning curve with System Rescue. Ah well, keeps the brain ticking over.
Again, thanks for the replies.
Cheers.
Dick
towy71
Moderator


Joined: Wed Apr 06, 2005 3:11 pm
Posts: 4258
Location: wild West Wales

Posted: Thu Feb 25, 2010 10:50 am    Post subject: Re: SystemRescueCD

dickiemint5 wrote:
... I currently use Mint 8
Then your user name must be a misnomer
_________________
still looking for that door into summer
Copyright 2011 Future Publishing, all rights reserved.

