AVG free and rootkits ?

Discussion in 'other anti-virus software' started by Johny nemonic, Feb 10, 2004.

Thread Status:
Not open for further replies.
  1. I did some testing >AVG free against rootkits< results :

    Hacker defender (latest versions) : not detected
    AFX 2003 : not detected
    FU root : not detected
    Vanquish : not detected
    He4 Hook : not detected

    Why doesn't Grisoft include strings for this in their database?

    I consider this one of the greatest dangers lurking on the internet (rootkits for NT)

    Not even their "so-called heuristics" detected anything?

    Glad to have Pest-patrol running also (which does detect them), and also Abtrusion Protector.

    Does this mean AVG is no good? Some of these rootkits have been found on the net for months, not to say years.

    - Fixed the subject line to help with future searches (AVG instead of AGV) - LWM
     
  2. LowWaterMark (Administrator)

    Joined: Aug 10, 2002 | Posts: 18,278 | Location: New England

    I'm in no way very knowledgeable in the antivirus area, and I usually leave these questions to those that know much more, but I have a side question on this that might lead to better clarification of the issue for us all...

    Are these root kits themselves trojans that self install, or are they actually the payload that some other malware delivers once it has obtained access to a system? If they aren't malware in and of themselves, but are installed by malware, then so long as an AV product blocks the "carrying" malware, I'd think it'd be enough.

    Again, I don't know so this is a serious question. Are these root kits themselves pieces of malware that infect people's systems directly or are they delivered by something else?
     
  3. illukka (Spyware Fighter)

    Joined: Jun 23, 2003 | Posts: 633 | Location: S.A.V.O

    Why don't you submit these rootkits to AVG? Why complain here...
    I don't know why FU rootkit, for example, should be detected; it's just a demo (no backdoor). KAV detects it though... it probably can be used to hide a backdoor process and files.

    LWM, ask Gavin about rootkits... I personally think that open source rootkits like haxdef are the most fearsome pieces of malware currently around...
     
  4. pavluv (Registered Member)

    Joined: Feb 11, 2004 | Posts: 9

    Hi, this is (unfortunately) not a real answer to your question, rather an extra comment: last month the Dutch Consumentenbond tested a lot of antivirus programs and they found that AVG was a total failure. This shocked me - used it for months already, assuming to be safe!!!
    Immediately uninstalled the snip and in its place took another, AntiVir. That one was tested OK - and free.

    edited to keep the language clean - Detox
     
  5. Bowserman (Infrequent Poster)

    Joined: Apr 15, 2003 | Posts: 510 | Location: South Australia

    Hi LWM :).

    Some of this info may help until someone more knowledgeable can reply.


    From "A *REAL* NT Rootkit, patching the NT Kernel....by Greg Hoglund"


    and,

    From the DCS Process Guard help file.


    Rootkits can also infect (for want of a better word) a system via exploits, worms etc.


    Regards,
    Jade.
     