7 good utilities (links)

CODE RED SCANNER - http://www.ilsoftware.it/querydl.asp?ID=383

CODE RED CLEAN UP - http://www.ilsoftware.it/querydl.asp?ID=384

IIS LOCKDOWN TOOL - http://www.ilsoftware.it/querydl.asp?ID=390

REGRUN II 2.99 (VERY USEFUL!) - http://www.ilsoftware.it/querydl.asp?ID=354

[u]ACTIVE PORTS /u - http://www.ilsoftware.it/querydl.asp?ID=355

SECRETEXE 4.3 (FOR SHARED PCs) - http://www.ilsoftware.it/querydl.asp?ID=363

WINLOCK 3.1 (FOR SHARED PCs) - http://www.ilsoftware.it/querydl.asp?ID=364

Kamulko!, you wouldn’t happen to work for Il Software, would you? ;D

;D ;D ;D… maybe maybe… eh eh eh!

This looks like old stuff and is meant for Win 2000 ??? ???
The website is also in Italian???

hi, Bob. Yes, is an Italian site but there are the links to the programmer’s website for each application. I have some of this programs on my pc: normally, programs for win2000 run for xp without problems.

is there any way to or program to translate that into english?

nevermind if you just click on the publishers website its english,bri

Hi Kamulko,

I tried the System Security Suite programma. cleans a lot out, and reconfigures nicely on windows. A lot of nastiness (scuzi) stays behind in the temp folders, so clean therm out these stables of Argios. Did you ever use a proggie like RKDetect, it scans all the services on your system, all the hidden ones as well, and tells you what they are stoppable? It works according to the details:

RKDetect is a little anomaly detection tool that can find services hidden
by generic Windows rootkits like Hacker Defender. The tool enumerates the
services on a remote computer via WMI (user level) and Services Control
Manager (kernel level), the result is then compared and any difference is
displayed. In this way we can find hidden services that are usually used
to start rootkits. Similar approach can be used to enumerate processes,
files, registry keys and anything that rootkits usually hides.

Source Code:
The tool is a VB script which requires the sc.exe application that can be
found in %WINDIR%\system32\sc.exe or can be downloaded along with the
source code below at: http://www.security.nnov.ru/files/rkdetect.zip
http://www.security.nnov.ru/files/rkdetect.zip

Sample:

C:\hack\rkd>cscript rkdetect.vbs 200.4.4.4
Microsoft (R) Windows Script Host Version 5.6
Copyright (C) Microsoft Corporation 1996-2001. All rights reserved.

Query services by WMI…
Detected 70 services
Query services by SC…
Detected 71 services
Finding hidden services…

Possible rootkit found: HXD Service 100 - HackerDefender100
[SC] QueryServiceConfig SUCCESS

SERVICE_NAME: HackerDefender100
TYPE : 10 WIN32_OWN_PROCESS
START_TYPE : 2 AUTO_START
ERROR_CONTROL : 0 IGNORE
BINARY_PATH_NAME : C:\rootkits\hxdef100\hxdef100.exe
LOAD_ORDER_GROUP :
TAG : 0
DISPLAY_NAME : HXD Service 100
DEPENDENCIES :
SERVICE_START_NAME : LocalSystem

Done

Have a nice day,

POLONUS

Thanks, friend Polonus. :slight_smile:
No, I didn’t heard about this tool. Now I go to the link you posted and i will try to see how it runs.
I will tell you about it.

Many thanks for the useful information. ;D