Download TrojanHunter Now
Free 30-day trial!
Latest TrojanHunter Version:
TrojanHunter 5.0
Order Now
License file delivered within minutes.
Welcome, Guest. Please Login or Register.
Aug 28th, 2008, 2:05pm
   Mischel Internet Security Forum
   Internet Security
   General (Moderators: Helena, Gavin_Coe, Magnus)
   generic protection against rootkits?		 « Previous topic | Next topic »
Pages: 1  Reply Reply  Notify of replies Notify of replies   Send Topic Send Topic   Print Print
   Author  Topic: generic protection against rootkits?  (Read 531 times)
doubledown
Full Member
***





   


Posts: 144
generic protection against rootkits?
« on: Nov 22nd, 2005, 5:06pm »		 Quote Quote  Modify Modify
I was just wondering if a program like PrevX or Spybot's TeaTimer would provide any degree of generic protection against a rootkit installing by flagging up some kind of change during the installation process?
 
Thanks for any thoughts  Smiley
IP Logged
siliconman01
Global Moderator
*****



Trojans! Chew 'em Up, Spit 'em Out...

   


Gender: male
 Posts: 5594
Re: generic protection against rootkits?
« Reply #1 on: Nov 27th, 2005, 10:22am »		 Quote Quote  Modify Modify
Quote:
if a program like PrevX or Spybot's TeaTimer

 
Not a PrevX or Spybot user myself.  I suspect you might be able to get an answer or opinion concerning your question via the forums directly supporting these two products.   Wink
IP Logged
______
TrojanHunter V5.0.962...No. 1 AT in my Book and on my Box!
Randy_Bell
Global Moderator
*****




TrojanHunter is the Best!

40416585 40416585   randybell_98   atmrover
WWW   Email

Gender: male
 Posts: 2883
Re: generic protection against rootkits?
« Reply #2 on: Nov 27th, 2005, 8:46pm »		 Quote Quote  Modify Modify
They would have to detect it as it was installing itself; I think the nature of a rootkit is that is changes the O.S. at the kernel level to make itself invisible [to the registry, filesystem, etc.].  A rootkit essentially changes the O.S. at a privileged level so that is VERY hard to detect.
IP Logged
doubledown
Full Member
***





   


Posts: 144
Re: generic protection against rootkits?
« Reply #3 on: Dec 1st, 2005, 7:13am »		 Quote Quote  Modify Modify
Thanks Siliconman and Randy - I guess that's what I was thinking really - that the only protection would be by detection of some change during install - assuming there is some kind of detectable change during install - or is the whole process hidden from the user? As suggested, I'll have a look for any further information on the relevant forums.
 
Best Regards,
 
doubledown   Cool
IP Logged
Pages: 1  Reply Reply  Notify of replies Notify of replies   Send Topic Send Topic   Print Print

« Previous topic | Next topic »
Search
Members
Login
Register