Behavior vs Signature Analysis


Galdorf
05-19-2009, 06:33 PM
Seems most anti-virus and anti-spyware cleaners based on signature analysis seem to be missing a lot of rootkits; seems virus, rootkit and malware writers are taking advantage of this.
I have now included not only signature analysis but now behavior analysis as well to detect hidden processes by rootkits. I have found a neat utility to find hidden processes called Helios; it also seems to find rootkits.

I go:
Helios rootkit found? Then rootkit clean:

Any good rootkit cleaner:
antivir
mbam
spybot

It has a lite version not needing installation, but you must have the .NET Framework installed.

Removing one unneeded step in rootkit scanning if not needed.

http://helios.miel-labs.com/2006/07/download-helios.html

Behavior can be used to find unknown or zero-day rootkits; even if the rootkit cannot be cleaned, the malware it's hiding can be unhidden and removed.

What is really scary is that most AV software will not pick up a rootkit; take a look at this:
http://helios.miel-labs.com/videos/futomodified/futomodified.html
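As an added example of the behavior-based "hidden process" check the post describes (this is not code from the post or from the Helios tool): a cross-view diff compares two independent views of the running processes, the normal directory listing of /proc and a brute-force probe of the PID space with kill(pid, 0). A process that a rootkit hides from the listing but that still answers the probe appears only in the low-level view, and that difference is the detection signal regardless of whether a signature exists for the rootkit. The live collectors assume a Linux host with /proc; the constructed SAMPLE_* sets stand in for real process views so the diff logic runs anywhere.

```python
"""Cross-view detection of hidden processes (added example, Linux /proc assumed
for the live collectors; the sample sets below are constructed, not real data)."""
import os
import sys


def cross_view_diff(high_level_view, low_level_view):
    """Return PIDs present in the low-level view but absent from the high-level
    view, sorted. These are the candidate hidden processes: something answers
    the kernel directly but is missing from the listing tools normally use."""
    return sorted(set(low_level_view) - set(high_level_view))


def enumerate_via_listing():
    """High-level view: PIDs taken from a readdir() of /proc. This is the view
    that user-mode rootkits (hooked readdir/getdents) typically filter."""
    return {int(name) for name in os.listdir("/proc") if name.isdigit()}


def _thread_group_id(pid):
    """Map a probed ID to its process (Tgid). kill(tid, 0) also succeeds for
    thread IDs, which never appear as /proc entries; without this step every
    multithreaded process would produce false positives. If /proc/<pid> is
    not visible at all, keep the raw ID: that is exactly the suspicious case."""
    try:
        with open(f"/proc/{pid}/status") as fh:
            for line in fh:
                if line.startswith("Tgid:"):
                    return int(line.split()[1])
    except OSError:
        return pid
    return pid


def enumerate_via_probe(max_pid=None):
    """Low-level view: ask the kernel about every PID with kill(pid, 0), which
    checks existence without delivering a signal. EPERM still means the
    process exists (it just belongs to another user)."""
    if max_pid is None:
        try:
            with open("/proc/sys/kernel/pid_max") as fh:
                max_pid = int(fh.read().strip())
        except OSError:
            max_pid = 32768  # classic default when pid_max is unreadable
    alive = set()
    for pid in range(1, max_pid + 1):
        try:
            os.kill(pid, 0)
        except ProcessLookupError:
            continue
        except PermissionError:
            pass
        alive.add(_thread_group_id(pid))
    return alive


# Constructed sample views: the listing misses PID 31337, the probe finds it.
SAMPLE_LISTING = {1, 2, 100, 4242}
SAMPLE_PROBE = {1, 2, 100, 4242, 31337}


def scan_live():
    """Run both collectors on this host and return the suspicious PIDs.
    A kernel-mode rootkit that hooks both paths consistently can still lie to
    both views; the diff only exposes hiding that is applied inconsistently."""
    return cross_view_diff(enumerate_via_listing(), enumerate_via_probe())


if __name__ == "__main__":
    print("sample diff:", cross_view_diff(SAMPLE_LISTING, SAMPLE_PROBE))
    if sys.platform.startswith("linux"):
        hidden = scan_live()
        print("live diff:", hidden if hidden else "no hidden processes found")
```

Run it as root for a complete probe view; as an unprivileged user the probe still sees other users' processes through EPERM, but /proc/<pid>/status may be unreadable for hardened hidepid mounts, in which case the raw IDs are kept and thread IDs can show up as noise. Any PID reported by the live diff is something to inspect by hand (open files, network sockets, parent chain), not something to kill automatically.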