This looked a little scary :-
http://forums.net-integration.net/index.php?s=b603684766f66fa14694b04be5a5c313&showtopic=24912&st=0&
He appears to have mostly solved that blighter !
Interesting point, in Win98se, if old fashioned explorer Winfile.exe, is used then all the files in ....C:\Windows\Downloaded Program Files\ are seen as in any other directory, whereas in 'Explorer.exe' these files are not listed in the standard manner
Also ALL the Index.dat files are searchable and plainly visible in Winfile, doesn't support long filenames tho'.
regdat.exe from http://people.freenet.de/h.ulbrich/ ... allows one to view a Win98se saved registry file (hives) eg. system.dat.
I guess we are talking RootKit exploit in Ribbell's case above ??
Any cloaking techniques used by a rootkit will become ineffective if you start your system from a boot CD. Is this a fact ??
P
http://forums.net-integration.net/index.php?s=b603684766f66fa14694b04be5a5c313&showtopic=24912&st=0&
He appears to have mostly solved that blighter !
Interesting point, in Win98se, if old fashioned explorer Winfile.exe, is used then all the files in ....C:\Windows\Downloaded Program Files\ are seen as in any other directory, whereas in 'Explorer.exe' these files are not listed in the standard manner
Also ALL the Index.dat files are searchable and plainly visible in Winfile, doesn't support long filenames tho'.
regdat.exe from http://people.freenet.de/h.ulbrich/ ... allows one to view a Win98se saved registry file (hives) eg. system.dat.
I guess we are talking RootKit exploit in Ribbell's case above ??
Any cloaking techniques used by a rootkit will become ineffective if you start your system from a boot CD. Is this a fact ??
P
