Antirootkits

Forum for announcements and questions about tools and software.
AltF4
Posts: 4
Joined: Tue Mar 16, 2010 8:02 am

Re: List of Anti-Rootkits

Post by AltF4 » Tue Mar 16, 2010 8:48 am

Beautiful list!
Image

User avatar
gjf
Posts: 198
Joined: Mon Mar 15, 2010 10:23 am
Location: Where I lay my head is home
Contact:

Re: List of Anti-Rootkits

Post by gjf » Wed Mar 17, 2010 3:00 pm

VirusInfo / Defendium / SafeZone Helpers Crew

User avatar
EP_X0FF
Global Moderator
Posts: 4872
Joined: Sun Mar 07, 2010 5:35 am
Location: Russian Federation
Contact:

Re: List of Anti-Rootkits

Post by EP_X0FF » Wed Mar 17, 2010 4:25 pm

Perhaps this post can give you a tip. However I see no reasons why it can't be added in list.
Ring0 - the source of inspiration

User avatar
gjf
Posts: 198
Joined: Mon Mar 15, 2010 10:23 am
Location: Where I lay my head is home
Contact:

Re: List of Anti-Rootkits

Post by gjf » Wed Mar 17, 2010 4:36 pm

Ouch, you're right! Thanks for info!
VirusInfo / Defendium / SafeZone Helpers Crew

User avatar
EP_X0FF
Global Moderator
Posts: 4872
Joined: Sun Mar 07, 2010 5:35 am
Location: Russian Federation
Contact:

Re: List of Anti-Rootkits

Post by EP_X0FF » Wed Mar 17, 2010 5:10 pm

List updated by a_d_13 :)
Ring0 - the source of inspiration

davidwt
Posts: 2
Joined: Thu Mar 18, 2010 4:39 am
Contact:

Re: List of Anti-Rootkits

Post by davidwt » Thu Mar 18, 2010 4:42 am

I suppose this may require too much work, but it would be nice to know which ones actually support x64 Windows.
David W. Thomas

User avatar
EP_X0FF
Global Moderator
Posts: 4872
Joined: Sun Mar 07, 2010 5:35 am
Location: Russian Federation
Contact:

Re: List of Anti-Rootkits

Post by EP_X0FF » Thu Mar 18, 2010 5:17 am

Hello,

Currently there are no antirootkits for x64 (as far as average kernel mode rootkits for x64).
PatchGuard, driver signing and new operation system kernel model doing their job.

You can try something from AV companies (most their antirootkits now embedded inside products solutions) and Resplendence tools.
AFAIR some of them were claimed as x64 compatible. However Resplendence tools are weak even on x32 so I doubt in their usefulness.

Also some user mode only antirootkits can work on x64. How well? This is up to you to test.

Regards.
Ring0 - the source of inspiration

User avatar
GamingMasteR
Global Moderator
Posts: 228
Joined: Sun Mar 07, 2010 10:52 am

Re: List of Anti-Rootkits

Post by GamingMasteR » Thu Mar 18, 2010 5:27 am

Hi,

There's TrueX64 ARK, but as EP_X0FF siad you don't need ARK in x64 NT OS .

davidwt
Posts: 2
Joined: Thu Mar 18, 2010 4:39 am
Contact:

Re: List of Anti-Rootkits

Post by davidwt » Fri Mar 19, 2010 2:15 am

Thank you for the responses. Several months ago I had learned how safe the x64 Windows kernel was; but I did not think it would hold forever, so I assumed it was time to search for some anti-rootkits. Currently, i run Trend Micro Internet Security Pro for several years (started before I went to x64) and been happy with them; but nothing is perfect and just want to keep safe.
David W. Thomas

petec
Posts: 4
Joined: Mon Mar 15, 2010 7:10 am
Location: Orsetrialya

Re: List of Anti-Rootkits

Post by petec » Fri Mar 19, 2010 8:21 am

Hello GamingMasteR,

I see here: http://www.kernelmode.info/forum/viewto ... p=189#p189
and wondering if KD v1.3.2 is private version ?

I cannot find download link for it :D

Post Reply