To our Chinese friends.....

Hello to you,

IceSword is a remarkably effective tool against rootkits. IceSword is available only in Chinese language. Who of our Chinese avast forum members knows it or uses it, and wants to tell us about it.
The author of this stable Chinese rootkit detection tool is known as “pjf”. No rootkit so far could pass the IceSword kernel. Malcreats start to analyze it, because it is a threat to them.
Source: http://xfocus.net/tools/200505/1032.html.

Who will comment?

polonus

English Version:
ftp://202.38.76.151/pub2/Kernel/Windows/tools/IceSword_en1.12.rar

It is not the newest version. But, does that make a difference?

FREEWARE - IceSword 1.18 English version is available at:
http://xfocus.net/tools/200509/1085.html

If you would prefer a ZIP version, it’s available from MySharedFiles :slight_smile:
Look for:
IceSword1.1.8en.zip

Does anyone know of an English help file?

Hi Mauserme,

A tutorial can be found here: http://swatrant.blogspot.com/2006/05/catching-hook-based-keyloggers-using.html
or from here: http://www.castlecops.com/t156595-How_to_Remove_Rootkits_with_IceSword_English.html

polonus

Thank you :slight_smile:

or from here: http://www.castlecops.com/t156595-How_to_Remove_Rootkits_with_IceSword_English.html
Thsi link doesn't work. :'(

The link works, but it goes to a registration page, there appears to be an intercept and a redirect in force at castlecops ?

http://www.castlecops.com/modules.php?name=Your_Account&redirect=viewtopic&p=0&start=0

I haven’t seen this before at CC, I wonder if this is a new policy, you must register to use it or if some areas are restricted ?

I signed in since I belong to that forum but the link still didn’t work.

Hi bob3160,

Just a question, that particular way of signing in on the Castlecops forum is that effective against spam? Just wondering, because spotted another spam incident here just the other day, but the moderators were very quicxk to remove it.

My apologies to you for that one link not working, the other link probably gave enough of information how to work this program. Alas linkrot is something we have to live with nowadays, the Internet sometimes feels like quicksand.

polonus

That kind of registering using capture (‘captua’ not just signing in) should stop bots from registering and spamming, but will do nothing to stop drive by spamming that is generally the issue human registering and posting a few posts.

The current forum registration is a two step process 1) register for membership including an email address, 2) you are then sent an email with the final step, an activation code.

This ensures a real email has to be given so the second step can be received allowing activation. I know this isn’t much to use a throwaway email, but that has to be better than a single step process and effectively blocks bots, but not a determined drive by spammer, that requires users to report all spam.

Yes, the internet is in some cases getting more difficult to access, but having to register at a site just to access the information and not to post is crazy how many forums would you have to register at if they all implemented this practice,

I agree with David and it still will not stop the individual who intends to peddle
his/her smut even if it only lasts a few seconds. Unfortunately, that’s how this person gets his/her jollies. :cry: