Anyone know why Panda Anti-rootkit would attempt to modify another program on a computer it is scanning? A friend reported that they were trying out Panda Anti-rootkit and that Cyberhawk notified them that Panda was attempting to change/modify another program on their computer. Is it a necessary part of the scan to temporarily change another program or something or is something amiss? I apologize for not being able to get the exact message offered by Cyberhawk or the program that Panda was reportedly attempting to modify. I do know however that it happened during the part of the scan called "evaluating incidents" or something to that effect. ??? I was just wondering since I had myself considered trying the program but if it modifies other programs I would definitely want to know why and that it was necessary, etc. before installing it.

Thanks

Not sure why that is but my experance with Panda ARK was short lived.Seems thier app adds ADS.Not on my PC.Could not find an answer why so it stays off.:thumbd:

I wonder if I installed Panda while using Powershadow's shadowmode to try it out if it would remove all of it on reboot including the ADS? I have never had any changes last past reboot with PS but I don't know if Panda makes deep changes that might survive reboot. I don't know much about alternate data streams either.

If you do decide to try Panda ARK and then remove you can scan for ADS with ADS Spy. (http://www.merijn.org/programs.php#adsspy) I don't know alot about ADS either other then the fact spyware can and does infect this way. Better safe then sorry.

-{ Quote: "Not sure why that is but my experance with Panda ARK was short lived.Seems thier app adds ADS.Not on my PC.Could not find an answer why so it stays off.:thumbd:" }-

Lonewolf,

Does Panda ARK use ADS itself or is it that it scans within ADS?

Neil Rubenking of PC Magazine lauded PARK and said it was one of the best he has tested.

But I agree with LoneWolf. I test drove one of the last public beta's of PARK and it left at least one file behind that contained an Alternate Data Stream. It was likely a completely harmless issue but I didn't expect it and certainly didn't like it. (Most programs do not do this.)

Beyond the ADS tag, I do not know what PARK may be doing. But in my case, I have no plans to try it again. And I won't promote it...

I am not trying to promote PARK. I am asking questions to try and learn whether I would even want to try it. Since I have not tried it personally I can't recommend it to anyone.

-{ Quote: "I am asking questions to try and learn " }-

That's what I do.;D

Sorry if my reply implied you were promoting PARK. I did not mean that. :o What I meant was I don't recommend it...