What's the deal with this Chinese peice of software?


controler

probably it still in China, but I cannot confirm yet (DHL,TNT,UPS, .. ) .. best to shut up he? :)

where did you found this info? on r**tkit dot com?


/edit: http://www.antirootkit.com/software/Archon-Scanner.htm

checkin' it out ...

but the screenshot isn't saying that much

no download for now ..

but very very interesting =

http://www.antirootkit.com/software/index.htm

I can tell you most of the GUI is in English but some is still in Chinese.

On my system, it shows PG as questionable.

In easy mode it looks at memory, when you switch to advanced it actually installs a service-driver.

con

looks like a very interesting site showing lots and lots of info on Behavioural Blockers/Detectors

I'm waiting to install it, somehow I can't ... but thanx for this interesting info (as always Controller)

best wishes

Controller, do you have any idea what this klif.sys is doing on everything where SSM isn't covering api calls?

I actualy downloaded it from the Chinese site.
Their site say the free trial is for one year. The first time I opened the GUI, I got and continue to get a window saying my free trial has expired.
The program is very buggy yet on my system. It doesn't remember normal mode. Every time I go to run a scan and select normal, the program still does the advanced scan. When the GUI first comes up and I run a scan it appears to lock up but is actualy working.(shouldn't) The little Busy window comes up right in front of the progress bar (shouldn't)and when done scanning the screen flashes and the GUI becomes maximized (shouldn't)with the results window.

In screenshot below, is the Chinese writing to left of English writing mean the same thing?

Here is the blog spot, mostly in Chnese.

http://x-solve.com/blog/

controler

Hi, folks: I read Chinese. This app is made in Taiwan, not in China. In Taiwan, people use the Traditional version instead of simplified one. The titles in Chinese are read as: scanning engine version (right underneath Archon Scanner). then other subtitles are: version info; starting time; scanning time;scanning tatget;O/S; scanning mode; report mode. Hope this will help to some extent.:-*

Question is how do we know that thes tools are not rootkits themselves? Perhaps I´m being a bit paranoid but I really don´t know if it´s good idea to install all these new anti rootkit tools that are not more widely known. :shifty:

I´ve also installed a couple of tools my self, like IceSword, DarkSpy and GMER, but I´m not sure if it was the right thing to do. They all looked like legitimate apps to me, but the plan is to stay rootkit free in the future so I don´t need to run these tools in the first place.

-{ Quote: "Question is how do we know that thes tools are not rootkits themselves?" }-

We don't but the SATA hard drive I just installed in my computer was made in China along with 75 % of everything else here in the USA. It has always seemed strange to me why we do so much buisness with China when they are not even an alie. I can tell you the CIA used to install tracking chips in printers that went overseasthough.

Perman? maybe you can direct one of the English speaking developers to this forum?

Devil's Advocate? Have you tried this one yet?

con

Hi, folks: For controler: I went to the blog link provided by you and found out that not a single discussion is related to the app(Archon Scanner) , with exception of the annocement of app release. Very boring indeed. I have no direct link with this company, I would guess they will eventually log into this forum when the time is right for them. Tech has no border, quite a few excellent apps are conceived and developed in developing nations. Whether is or not a rootkit is everybody's guess, as usual, excercice you common sense.:-*

Thankyou Perman

Thre is also a dedicated spot for this program over at antirootkit dot com but not many posts there either.

http://www.antirootkit.com/forums/index.php


controler

I read chinese too.

And I'm all for America trading with China.