[ANN] AVG Anti-Rootkit Beta available

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View
Hi,

Just want to let you know that the Grisoft AVG Anti-Rootkit Beta is
available now:

Please take a look at my Weblog there you will find some screenshots and
instructions on how to get it.

http://blog.evilissimo.net/2006/08/01/grisoft-avg-anti-rootkit-beta /

Regards,
Vinzenz Feenstra
ewido anti-spyware developer
(Anti-Malware Development a.s. a Member of Grisoft Group)
--
Regards,
Vinzenz Feenstra

And now visit my WeBlog < http://blog.evilissimo.net ;)

Re: [ANN] AVG Anti-Rootkit Beta available

I alt.comp.anti-virus, sa Vinzenz Feenstra utan att tänka först:

Quoted text here. Click to load it

And when it's a finished product, will it be free- or payware?

--
Arne Anka

Om femhundra år är det ingen jävel som minns att en yster
anka gick här och viftade med simfötterna och hade ståkuk!

<http://starcruiser.dk/conny

Re: [ANN] AVG Anti-Rootkit Beta available

Arne Anka schrieb:
Quoted text here. Click to load it
Hi,

Currently it is beta, I don't about the plans what will be. I'm just a
small innocent developer :/

I just wanted to notify you about that. :)

--
Regards,
Vinzenz Feenstra

And now visit my WeBlog < http://blog.evilissimo.net ;)

Re: [ANN] AVG Anti-Rootkit Beta available

On 2006-08-08 07:09:33, Vinzenz Feenstra wrote:
Quoted text here. Click to load it

Thanks for the heads up.  Was looking for exactly something like
that and this one checks out nicely.  I was happy to find I had
no rootkits.

Quint


------------------------------------------------------------------------------
NOD32/ZoneAlarm/SpyDoctor/Hardware firewall

Re: [ANN] AVG Anti-Rootkit Beta available


Quoted text here. Click to load it

From a developer's standpoint, do you think it will detect other anti-rootkit
programs as rootkits, and will those others in turn detect it?



Re: [ANN] AVG Anti-Rootkit Beta available

Quoted text here. Click to load it

Hi,

This is a good question :) We know that this has happened in our tests,
but we're improving it and fixing such "false positives". It can be that
others will detect our anti-rootkit software as a rootkit but of course
we cannot ensure that we don't have any further false positive. This is
a reason why we're currently in beta only.

The main problem with developing rootkit revealer is that other
anti-rootkit applications often behave almost like a rootkit. So the
detection is somehow correct.

However, as far as I know this will be a longer beta period. And we have
to rely on the users expiriences to improve the detection and prevent
false positives.


--
Regards,
Vinzenz Feenstra

And now visit my WeBlog < http://blog.evilissimo.net ;)

Re: [ANN] AVG Anti-Rootkit Beta available


Quoted text here. Click to load it

IMO such detections would not be false positives. If it "walks like a duck...",
as they say...

I can see a sort of whitelisting for known legitimate "rootkits" being
implemented
and then exploited by malware wishing to appear legitimate to the scanner. A
'sig'
that further identifies the legit "rootkit" as part of the scanner's
verification process.

Quoted text here. Click to load it

In this view, what behavior is "rootkit-like" or not?

Quoted text here. Click to load it

Good luck with the project - the marketplace is ripe for the picking. :)



Site Timeline