Results 1 to 4 of 4

Thread: Rootkit protection

  1. #1
    karlad Guest

    Default Rootkit protection

    Is there an update to handle Rootkit invasions?

    Operating System:Windows XP Home Edition
    Product Name:ZoneAlarm Internet Security Suite
    Software Version:6.5

  2. #2
    jarvis Guest

    Default Re: Rootkit protection

    once a root kit is installed, there is not much any software can do to remove it, short of booting from a live CD such as BartPE and removing the files associated with it from there.

    ZASS uses several techniques to try and prevent root kits being installed.

    * Spy site blocking prevents you visiting known dangerous sites accidentally.

    * SmartDefense advisor (on the Auto setting) automatically prevents known malware from executing and kills any running copies of it.

    * OS Firewall monitors attempts by applications to install drivers or modify what programs run at startup. Denying these actions to processes you don't recognise could help prevent malware installation

    * Anti-virus / Anti-spyware should clean up most infections, hopefully before they get installed although some can be removed once installed but not root kits!!

  3. #3
    forum_moderator Guest

    Default Re: Rootkit protection

    Just FYI - When Sony CDs installed their infamous rootkit, even though you could not see the files or processes, once it tried to phone home, ZA would pop an alert on the process anyway. It was hiding anything that began with $sys$ I think. Anyway, you get the ZA alert, and it even started with the "hidden" information. So it could run hidden on your system, but could not phone home.


  4. #4
    Join Date
    Dec 2005

    Default Re: Rootkit protection

    Sweet! Nice to know!
    I wondered if the rootkits actually did get noticed by the ZA firewall.
    Best regards.

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)


Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts