
Thread: Rootkits are Hard to Detect (Shocker)

  1. #11
    Senior Member nihil
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,188
    Hi Cider,

    You know that I am a script kiddie who just loves playing with all these tools?

    I have noticed the same phenomenon with quite a few of them, in that they throw up "false positives". Actually they don't............... they are giving you a "heads up". If you loaded that software in the location it was found then everything is fine.............. if you didn't.......?

    I was messing with some anti-dialer stuff a while back............ complained about all my ISP connection software............ well, they are dialers aren't they?

    Personally I prefer an aggressive application, as I will look at what it tells me it considers suspicious.

    Problem is that a legitimate application might be loaded with malicious intent?

    Shame is that you cannot really recommend these hypersensitive applications to people who don't understand them, and those are the people who are most vulnerable?

    just my thoughts.............

  2. #12
    AOs Resident Troll
    Join Date
    Nov 2003
    Posts
    3,152
    Quote Originally Posted by Cider
    Hey there

    Hmm, decided to try this "unhackme". Anyway downloaded it.

    Well scanned the system. All of them were false positives. It detected all my AV+FW processes and things like Cdburner and DAP.

    Not satisfied!
    As stated there will always be false positives with this type of software....

    Personally I would like to know if there is some app calling home or "acting" like a root kit......remember the Sony DRM scandal

    http://en.wikipedia.org/wiki/2005_So...ection_scandal

    Note the last sentence

    The Sony BMG CD copy prevention scandal concerns the copy prevention measures included by Sony BMG on compact discs in 2005. Sony BMG included the Extended Copy Protection (XCP) and MediaMax CD-3 software on music CDs. XCP was put on 52 titles[1] and MediaMax was put on 50 titles.[2] This software was automatically installed on Windows desktop computers when customers tried to play the CDs. The software interferes with the normal way in which the Microsoft Windows operating system plays CDs, opening security holes that allow viruses to break in, and causing other problems. It is widely described as spyware.

    As a result, a number of parties have filed lawsuits against Sony BMG; the company ended up recalling all the affected CDs; and greater public attention was drawn to the issue of commercially-backed spyware.


    MLF
    How people treat you is their karma- how you react is yours-Wayne Dyer

  3. #13
    Junior Member
    Join Date
    Nov 2007
    Location
    Mobile, Alabama
    Posts
    11
    If that is the same Article that I think it is, it came up with the decision that Vista detected and prevented every rootkit they tried to install.

    PS, New here- Mostly old members in this thread. Buenos Dios old members
    Editor of www.backdoor-hunters.dnsdojo.org
    --------------------------------------------
    Your Source For IT Security And Hacker Alerts
    Gillis Jones

  4. #14
    Only african to own a PC! Cider
    Join Date
    Jun 2003
    Location
    Israel
    Posts
    1,683
    I see. Well, at least my system is okay then.

    I am being too lazy, I will go through the suspicious files / processes that pop up.

    I'll give it another go.

    Thanks.
    The world is a dangerous place to live; not because of the people who are evil, but because of the people who don't do anything about it.
    Albert Einstein
