Rootkit Detection

How bout x64 bit OS with their Patch guard? Are they immune from root kits as they say in this link. http://searchwindowssecurity.techtarget.com/tip/0,289483,sid45_gci1302397,00.html

 

You're correct that that's the day of the blog entry. However, the blog writer isn't the same person who wrote nor translated those comments, which was originally written in Russian apparently.

The author does seem to take a critical view of others' work. I think the author was trying to convey the idea that, in the author's opinion, most of the other anti-rootkits are easily bypassed if a rootkit writer has the knowledge and willingness to do so. By the way, I've seen elsewhere that the author now works for Microsoft.

 

Hi

Well one thing I'm confused about is, if all anti-rootkits are really so worthless, why are they so popular?

Thanks

 

They're popular for the same reason that users of Firefox/MacOS/Linux feel they have nothing to worry about.

 

Ah... I see. But Firefox really is much better than IE.

 

From looking at the results of the anti-rootkit programs from post #1, I wouldn't agree that they're worthless. The alleged author of those comments also made a rootkit that his/her own RootKit Unhooker LE v3.7 can detect but cannot remove, so does that make even his/her own anti-rootkit program 'useless' too because it's not perfect? (See http://forum.sysinternals.com/forum_posts.asp?TID=13773&PN=2)