Thread: Is antirootkit.com a valuable site?

  1. #1
    riceorony Guest

    Is antirootkit.com a valuable site?

    Hello,

    Has anyone here besides me been to antirootkit.com to read their postings and reviews on various antirootkit programs (past and present)?

    Any opinions?

  2. #2
    Join Date
    Dec 2005
    Posts
    9,056

    Re: Is antirootkit.com a valuable site?

    It is a good place.
    Tried a few tools suggested from there and then finally decided to stick with one (gmer) as a standard tool (along with the Sysinternals RootkitRevealer).
    Good site.
    Plus the AV (avira) that I use does detect/remove the usual house garden variety types of rootkits.

    The ZA does detect rootkit "activity" (installation of new drivers and certain new registry key additions) or "moment" even though it is not a true detect and remover of rootkits. The old "sony" rootkit activity was detected by the ZA for example - but it was still up to the user to decide to allow or deny this unwanted activity.

    Oldsod.
    Best regards.
    oldsod

  3. #3
    riceorony Guest

    Re: Is antirootkit.com a valuable site?

    Oldsod,

    I agree with you, the most valuable tools seem to be Gmer and RootkitRevealer due to them being only analysis programs (similar concept as HijackThis), which allow the user to verify the information. The rest of the scanning programs (by Panda, Sophos, Avira, etc.) seem to be used for detection and removal of rootkits by definitions?

  4. #4
    Join Date
    Dec 2005
    Posts
    9,056

    Re: Is antirootkit.com a valuable site?

    Correct.
    Plus the average rootkit detector built into the AV, AS, and so forth only detects the average or most seen types of rootkits, not the unusual or not average kinds.
    Still these miss a lot as rootkits evolve and join with worms and trojans to create newer classes of malware.

    Gmer is good but still the logs must be correctly understood to determine if and how there is a rootkit present. It takes some knowledge of Windows and computers to use the tool properly.

    Icesword is possibly one of the best tools, but the least understood and the least simple to use or yield. Definitely not designed for the average user and it does tax even the advanced user.
    Some rootkit tools available from the AV vendors are much more user friendly - even though they will miss a few.

    Oldsod.
    Best regards.
    oldsod

  5. #5
    Charles_B Guest

    Re: Is antirootkit.com a valuable site?

    I have used Panda Anti-Rootkit 1.08 which I downloaded from http://www.download.com/

    RootkitRevealer v1.71 http://technet.microsoft.com/en-us/s.../bb897445.aspx

    Sophos Anti-Rootkit Version 1.3.1 http://www.sophos.com/products/free-...i-rootkit.html

    They didn't find any rootkit on my OS.

    ____________________

    This is what SiteAdvisor states about this site. Not me!

    McAfee SiteAdvisor

    antirootkit.com
    In our tests, we found downloads on this site that some people consider adware, spyware or other potentially unwanted programs.
