Process Walker 1.02 Beta 1

Discussion in 'other anti-malware software' started by Tommy, Oct 28, 2006.

Thread Status:
Not open for further replies.
  1. Tommy

    Tommy Registered Member

    Joined:
    Dec 24, 2002
    Posts:
    1,169
    Location:
    Buenos Aires - Munic
    From the home of Rootkit Unhooker (RkU) comes this fresh application. Hidden Processes Detector (Console) - includes new methods of processes detection. For Windows XP only

    http://rku.xell.ru/?l=e&a=dl
     
  2. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    8,038
    Location:
    The Netherlands
    So is this stuff really legit? Not that I'm planning to install it or anything. :ninja:
     
  3. Tommy

    Tommy Registered Member

    Joined:
    Dec 24, 2002
    Posts:
    1,169
    Location:
    Buenos Aires - Munic
    Why shouldn't it be legit? Working fine here.
     
  4. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    8,038
    Location:
    The Netherlands
    Well, personally I'm a bit wary of using these unknown tools, even though a while back I did install DarkSpy, IceSword and GMER. Now I think I was perhaps a bit too fast to trust these tools. :rolleyes:
     
  5. Tommy

    Tommy Registered Member

    Joined:
    Dec 24, 2002
    Posts:
    1,169
    Location:
    Buenos Aires - Munic
    They are 'simple' scanning tools.
    If there is something wrong with them, there for sure will be a comment in the Sysinternals forum, where those tools are presented and discussed.
     
  6. EASTER.2010

    EASTER.2010 Guest

    I wouldn't be too overly concerned about using pwalker.
    Like some others, I ran it through its paces and in fact one of the first releases BSOD'd my box without remedy. Posted to their forums the MEMORY.DMP, which was requested by the author for review, and not long after another version came about which resolved that issue.

    It's a simple but very useful utility for uncovering possible hidden processes and the like. It's a keeper in my inventory.
     
  7. Longboard

    Longboard Registered Member

    Joined:
    Oct 2, 2004
    Posts:
    3,187
    Location:
    Sydney, Australia
    A very neat and powerful tool ;)
     
  8. Z0mBiE

    Z0mBiE Registered Member

    Joined:
    Dec 4, 2006
    Posts:
    21
    Just tried v1.04 - yes, good for hidden processes detection
     
  9. EP_X0FF

    EP_X0FF Registered Member

    Joined:
    Nov 8, 2006
    Posts:
    233
    FYI, all Process Walker functionality is ported to Rootkit Unhooker v3.0 RC2
     
  10. EP_X0FF

    EP_X0FF Registered Member

    Joined:
    Nov 8, 2006
    Posts:
    233
    Process Walker has been updated to v1.0.5

    - fixed bug that can lead to BSOD's on some machines
    - fixed UI bug

    For Windows XP SP2 Only, free from http://rku.xell.ru/?l=e&a=dl
     
  11. Longboard

    Longboard Registered Member

    Joined:
    Oct 2, 2004
    Posts:
    3,187
    Location:
    Sydney, Australia
    @EP_X0FF

    Sorry to say that I had a complete system crash with this and then v1.04 as well.
    Not BSOD but immediate (one click) crash and auto reboot.
    After the auto reboot: lost connection to POP3 server.
    Had message re "Visual Runtime library error with Symantec blah blah
    ..sorry should have got screenie :oops:


    I was booted to an FDISR snapshot in which I have just updated NIS/NAV to v2007.2. This is the "sonar" version with the rootkit autoprotect function.
    No other recent config changes.
    Symantec strikes again.

    Isn't this "just" a very advanced process scanner?

    This had never happened before with NIS/NAV 2007 and Pwalker 1.04.

    If you are interested,
    Is there some info I can retrieve for you?
    Want me to do it again :gack: LOL (have very robust imaging tools )

    Regards.
     
  12. EP_X0FF

    EP_X0FF Registered Member

    Joined:
    Nov 8, 2006
    Posts:
    233
    Hi, Longboard.

    What you are describing looks like BSOD + automatic reboot. Please upload the minidump file, located in the windows\minidumps directory, somewhere where I can access it and look at it.
     
  13. EASTER.2010

    EASTER.2010 Guest

    Do you intend at some point to fashion a GUI for PW or just keep it as it already is, a console model? I assume since it's already ported to RKU there would be no real interest in making a GUI for the console version?

    Thanks.
     
  14. MP_ART

    MP_ART Registered Member

    Joined:
    Dec 8, 2006
    Posts:
    25
    Location:
    Krsk
    PW is designed specially for security packs to make reports from the command line. Therefore, we will not provide a GUI.
     
  15. EASTER.2010

    EASTER.2010 Guest

    Not a prob. Just curious.

    During my testing of some rootkit I found that the command console was forcefully disabled by design, so that would render ANY console tools of no effect until that issue could be accurately traced down and resolved, which of course leaves only the available GUI RK detector programs to handle uncovering the responsible files/drivers/processes etc.

    Which is yet another saving advantage to having RKUnhooker as a dependable RK-Hiddens detector of choice. Striking out and returning hooked code to default with RKUnhooker restored the command-console functionality again. LoL
     