GuitarBob
Joined: 09 Jul 2006 |
Posts: 9 |
Location: USA |
Posted: Thu Jan 25, 2007 3:09 pm |
Alch/Sherpya and others on the ClamWin Team: you might look into Helios, a free rootkit detection technology. There is an alpha version available. Their Web site says once they get all the APIs in place, it will be available for insertion into any antivirus/security product. Their intent is to prevent malware from using rootkits instead of finding it after it's already in place. If you would like to look into it further, go to:
https://helios.miel-labs.com/
Regards,
|
|
sherpya
Joined: 22 Mar 2006 |
Posts: 0 |
Location: Italy |
Posted: Fri Jan 26, 2007 12:55 am |
Interesting program, but very similar to other rootkit detectors. Until they make it open source, we cannot benefit at all from this software.
|
|
GuitarBob
Joined: 09 Jul 2006 |
Posts: 9 |
Location: USA |
Posted: Fri Jan 26, 2007 1:12 am |
Well, I'll keep my eyes open for something you might could use. This interested me because they were trying to prevent the use of rootkits. Most of the rootkit removers I've seen are for use after an infection. Helios has an explanation in a white paper as to some of the details.
Regards,
|
|
DGM
Joined: 26 Dec 2006 |
Posts: 0 |
Location: Indianapolis, Indiana |
Posted: Mon Feb 05, 2007 6:53 am |
https://www.tripwire.com/products/enterprise/ost/ or https://www.greatis.com/unhackme/afxrootkitremoval.htm
|
|
GuitarBob
Joined: 09 Jul 2006 |
Posts: 9 |
Location: USA |
Posted: Mon Feb 05, 2007 2:04 pm |
Thanks for the info, DGM.
Regards,
|
|
GuitarBob
Joined: 09 Jul 2006 |
Posts: 9 |
Location: USA |
Posted: Tue Feb 06, 2007 10:23 pm |
RootKitty (see https://www.ubcd4win.com/forum/index.php?showforum=48) might be worth a look. I believe it is open source--it is included on the Ultimate Boot Disk 4 Windows. It's probably pretty simple, but it might save you some code if it can be used in ClamWin.
Regards,
|
|
MX2k
Joined: 24 Jan 2007 |
Posts: 0 |
Posted: Sun May 13, 2007 1:06 pm |
I support that it would be an important thing to take a look at rootkit detection and that it could be integrated into ClamWin some day. I think rootkits could become a more dangerous hazard than viruses themselves. If they are hidden, it's mostly impossible to detect the viruses.
|
|
GuitarBob
Joined: 09 Jul 2006 |
Posts: 9 |
Location: USA |
Posted: Sun May 13, 2007 3:32 pm |
ClamAV has signatures for several rootkits now and they are adding to it all the time. It needs to spot a rootkit before it becomes active, however, as it takes a pretty sophisticated antivirus to detect one that is running on your computer. A scan in safe mode might find some of them. Much of the malware now comes with a rootkit.
Regards,
|
|