Sophos Ships Rootkit Removal Tool
Posted by Steven Parker on 24 August 2006 - 09:09 · 7 comments & 4649 views
About the Author
Full name: Steven Parker
Forum name: Neobond
Contact: via forum PM
Submissions: Normal · Headline
Full name: Steven Parker
Forum name: Neobond
Contact: via forum PM
Submissions: Normal · Headline
Slashdot It!
Submit to reddit
Submit to blinklist
Bookmark on del.icio.us
Add to furl
Share on Facebook
Add to Windows Live
Add to Google- Advertisement
-
-
(2 replies)
#1 Posted by Boz on 24 Aug 2006 - 09:25
- I keep getting some can't flush C:// or some crap like that..I'm not using this
-
#2 Posted by JamesCherrill on 24 Aug 2006 - 12:27
- Claims it can't access my registry. Waste of time & space.
-
#3 Posted by Ely on 24 Aug 2006 - 13:00
- looks good, trying it right now.
-
#4 Posted by mrbester on 24 Aug 2006 - 13:12
- "Important information you need to know before installation" (from readme, which is called readsar.txt, so you'd have to guess you need to read it. And you don't.). I like Known Issue #2: "If the scan is performed while the computer is in use...". How does a scan get performed if the computer is not in use?
It's not exactly rocket science to use NSIS to actually be able to install the program. So there isn't any "installation". Plus, you have to have "installed" the program before you can read this file unless you routinely look inside sfxs with WinRAR or similar.
Supplying a SFX that extracts into a directory off the root by default is along the lines of a Dell driver ffs. And in any case, how is this better than SysInternals RootKit Revealer?
-
#5 Posted by paxa on 26 Aug 2006 - 03:56
- i'm not even going to try it....seems that it gives more problems than solutions
Sophos, of Lynnfield, Mass., said its rootkit cleaner offers an easy-to-use interface to scan all running processes, local hard drives and the Windows registry for rootkits.
The company joins a growing list of Internet security vendors adding rootkit-scanning capabilities to their product lines. Finnish anti-virus outfit F-Secure offers the BlackLight rootkit clean-up utility, while BitDefender and others are beta testing similar offerings.
Offensive rootkits, which are typically used by malicious attackers to hide malware on Windows machines, gained mainstream media prominence in November 2005 when it was discovered that Sony BMG used stealthy techniques on music CDs to hide a DRM (digital rights management) scheme.
Rootkits are programs that are used to give a remote user persistent access to a compromised system while avoiding detection from security scanners.