Author Topic: Anti-rootkit programs (Read 3531 times)

micky77 · « **on:** January 26, 2008, 12:13:26 PM »

Anyone here use these programs ?. I have used AVG previously,and today I downloaded Sophos Anti RK.The scan was very quick 3.5 minutes,and thankfully came up clean.I suppose the trouble I would have, is if something was found, would I delete it. $:-\$

FreewheelinFrank · « **Reply #1 on:** January 26, 2008, 12:23:01 PM »

Do some research first, because some applications also use hidden processes.

A Google search should tell you if what was found really is a rootkit.

philly12 · « **Reply #2 on:** January 29, 2008, 05:46:29 PM »

Those programs are okay...but there are some that are WAY better. The top one seems to be GMER , which actually has videos on its site showing how GMER can detect rootkits that other programs cannot (interesting videos actually, it even shows the scans of the other antirookit programs). Icesword is also an effective antirootkit.

micky77 · « **Reply #3 on:** January 29, 2008, 05:50:01 PM »

Quote from: philly12 on January 29, 2008, 05:46:29 PM

Those programs are okay...but there are some that are WAY better. The top one seems to be GMER , which actually has videos on its site showing how GMER can detect rootkits that other programs cannot (interesting videos actually, it even shows the scans of the other antirookit programs). Icesword is also an effective antirootkit.

I've heard you can get FPs with GMER and Icesword is for more advanced users

philly12 · « **Reply #4 on:** January 29, 2008, 06:26:18 PM »

They are both for advanced users, but they work

DavidR · « **Reply #5 on:** January 29, 2008, 07:32:51 PM »

Also see, anti-rootkit, detection, removal & protection http://www.antirootkit.com/software/index.htm. Try these as they are some of the more efficient and user friendly anti-rootkit tools.
- Panda Rootkit Cleaner - http://research.pandasoftware.com/blogs/images/AntiRootkit.zip.
- Trend Micro RootkitBuster - http://www.trendmicro.com/download/rbuster.asp
- F-Secure Blacklight may not always be available, http://www.f-secure.com/blacklight - Direct link, ftp://ftp.f-secure.com/anti-virus/tools/fsbl.exe

mouniernetwork · « **Reply #6 on:** January 29, 2008, 11:27:17 PM »

I think that GMER is quite good, and from what I understand so does Alwil

Al968

DavidR · « **Reply #7 on:** January 30, 2008, 03:34:28 PM »

There are a number of anti-rootkit tools that are quite good but many aren't very user friendly and rely on the user having enough knowledge to decide what is or isn't a rootkit. They are a bit like hijackthis, in that they just provide data that you the user has to interpret.

GMER requires a knowledgeable user and avast/Alwil will be looking at making things more user friendly.

Author Topic: Anti-rootkit programs (Read 3531 times)

micky77

Anti-rootkit programs

FreewheelinFrank

Re: Anti-rootkit programs

philly12

Re: Anti-rootkit programs

micky77

Re: Anti-rootkit programs

philly12

Re: Anti-rootkit programs

DavidR

Re: Anti-rootkit programs

mouniernetwork

Re: Anti-rootkit programs

DavidR

Re: Anti-rootkit programs