Re: F-Secure Blacklight

From: Roger Abell (mvpNOSpam_at_asu.edu)
Date: 06/29/05 

Date: Tue, 28 Jun 2005 22:32:09 -0700

But, be aware that there are rootkit variants that are not detected.
It is a small war game of hide and seek.

In other words, when using one of these testing applications in
an online mode remember that finding something does tell you
something, but not finding anything does not tell you anything
(except that the tool could not find anything), specifically it does
not tell you that there is nothing there. 

-- 
Roger Abell
Microsoft MVP (Windows  Security)
"Bigbruva" <Richardh@dontusethis.ws> wrote in message
news:%23BPj8mEfFHA.1948@TK2MSFTNGP12.phx.gbl...
> Good advice, however currently the SysInternals RootkitRevealer is a much
> more affective scanner, it is not in Beta and works in Boot environments
> like WinPE.
> http://www.sysinternals.com/Utilities/RootkitRevealer.html
>
> BB
>
>
> "PS" <PS@discussions.microsoft.com> wrote in message
> news:1D51376A-577E-4AE4-A6FC-735E8AFDB609@microsoft.com...
> > It is probably a good idea for anyone who runs their system in Admin
mode
> > to
> > download the free beta of F-Secure's blacklight root virus detector and
> > scan
> > the systems. http://www.f-secure.com/blacklight/
> >
> > It is very dangerous to leave a system loged in with Admin rights -
unless
> > absolutely necessary you should run in one of the protected modes.
> > (knowledgeable techs can give admin rights to specific programs that
> > require
> > them by editing registry entry's - not for novices because you may lock
> > yourself out of your computer forever).
> >
> > PS
>
>