F-Secure BlackLight

Discussion in 'other anti-trojan software' started by G1111, Jun 29, 2005.

Thread Status:
Not open for further replies.
  1. G1111

    G1111 Registered Member

    Joined:
    May 11, 2005
    Posts:
    2,127
    Location:
    USA
    Does anyone know what is going to happen to F-Secure's BlackLight Rootkit Eliminator? The Beta version is supposed to expire on July 1.
     
  2. Infinity

    Infinity Registered Member

    Joined:
    May 31, 2004
    Posts:
    2,651
    Just don't count on BlackLight to secure you from rootkits. It's on demand and waaaay too late to clean yourself from a rootkit.

    /edit: and it's not kernel driven so how could it clean it decently anyway?...
     
    Last edited: Jun 30, 2005
  3. IAgree

    IAgree Guest

    I totally agree with those comments by Infinity. In my tests, BlackLight won't even find some common commercially available kernel-based keyloggers, which are basically rootkits. The difference between them and real rootkits is that all the keyloggers do is log keystrokes. But Unhackme and RootkitRevealer (both rootkit detectors also) will find these types of threats.

    So I would say BlackLight is really not very good, and needs a lot of work if it is to become a useful tool in detecting rootkits. It simply cannot be relied on for rootkit detection.

    Though all the different rootkit detectors really need some work in making their results easier to interpret. Any detections should be more clear and detailed as to exactly what you are detecting.
     
  4. Sputnik

    Sputnik Registered Member

    Joined:
    Feb 24, 2005
    Posts:
    1,198
    Location:
    Moscow
    Why worry?

    http://www.f-secure.com/blacklight/
     
  5. G1111

    G1111 Registered Member

    Joined:
    May 11, 2005
    Posts:
    2,127
    Location:
    USA
    Thanks - Just using it as an extra scanner. I have ProcessGuard, WormGuard, RegDefend, Kaspersky AV and TrojanHunter running upfront.
     
  6. richrf

    richrf Registered Member

    Joined:
    Dec 11, 2003
    Posts:
    1,907
    Hi G1111,

    We have similar setups (I use Ewido instead of Trojan Hunter). I have been running UnHackMe for a while now. It runs cleanly in my environment (XP SP2, 512K, 2.5 GHz). If you are looking for an additional rootkit backup scanner, you may want to check it out. Support is minimal, but it doesn't seem like it needs much support.

    Rich
     
  7. G1111

    G1111 Registered Member

    Joined:
    May 11, 2005
    Posts:
    2,127
    Location:
    USA
    Thanks Rich, I'll check it out.
     
  8. G1111

    G1111 Registered Member

    Joined:
    May 11, 2005
    Posts:
    2,127
    Location:
    USA
    Rich - Went to UnHackMe's website and see they are getting $19.95 for the program. I went and updated the Beta version of Blacklight for now. It is good to October 1. After purchasing ZAP, KAV, TH, PG, WG, RD and WinPatrol Plus this year to replace the only security I was running last year (McAfee AV, Firewall and AS) I feel much more secure, but a bit lighter in the pocketbook.
     
  9. richrf

    richrf Registered Member

    Joined:
    Dec 11, 2003
    Posts:
    1,907
    Hi G1111,

    I agree. You have plenty of protection and with PG installed, UnHackMe truly may be overkill.

    Cya,
    Rich
     
  10. Infinity

    Infinity Registered Member

    Joined:
    May 31, 2004
    Posts:
    2,651
    If you use ProcessGuard smartly (details like don't let services.exe install any driver, use another task manager...) then you probably don't need any program like UnHackMe or BlackLight... just my two cents.
     
  11. G1111

    G1111 Registered Member

    Joined:
    May 11, 2005
    Posts:
    2,127
    Location:
    USA
    Infinity - Thanks for the response. I also use a number of on-demand and online scanners in case my main defenses miss something. For on-demand scanners I use free ones like Ad-Aware Personal, Bazooka, HijackThis, DllCompare, etc. that do not run in the foreground so they take up no resources. Blacklight falls in this category so I added it. I was running Sysinternals Rootkit Revealer and may go back to it when the Beta period ends for Blacklight. I like to have scanners that look at different things and in different ways. So far so good (no detections).
     
  12. Infinity

    Infinity Registered Member

    Joined:
    May 31, 2004
    Posts:
    2,651
    Good, we all like fast computers :) On-demand scanners certainly can help in this matter... and it's not an unnecessary program, not at all.
    Take care
     