rootkit.com

main menu

home

forums
Show me new threads!

bookmarks

view blogs

vault

you must be level 2 to upload files to your vault

downloads

you must be logged on, and level 1, to access downloads

Rootkit Collection

File	Contributer	Link
Hacker Def...	hf	n/a
HE4Hook	admin	n/a
BASIC CLAS...	hoglund	n/a
Vanquish	xshadow	n/a
NT Rootkit	hoglund	n/a
FU	fuzen_op	n/a
WinlogonHi...	JeFFOsZ	n/a
klister	joanna	n/a
Patchfinde...	joanna	n/a
MyNetwork	hoglund	n/a
MTDWin	hoglund	n/a
NTFSHider	hoglund	n/a
VideoCardK...	hoglund	n/a
VICE	fuzen_op	n/a
Klog	Clandestin...	n/a
NtIllusion	Kdm	n/a
AFX Rootki...	TheRealAph...	n/a
SInAR	vulndev	n/a
Shadow Wal...	Clandestin...	n/a
BootRootki...	dereksoede...	n/a
CHAZ - Nim...	neocrackr	n/a
Clandestin...	merlvingia...	n/a
FUTo	petersilbe...	n/a
Windows Me...	alcapone66...	n/a
RAIDE	petersilbe...	n/a
BOOT KIT	vipinkumar	n/a
BluePill	Joanna and...	n/a
DEFRAG	blume1975	n/a
Keyboard H...	chpie	n/a
CheatEngin...	DarkByte	n/a

backends
A news back-end to implement RootKit news into your website is here or more advanced version here.

An XML/RSS feed that includes both NEWS and BLOGS for RootKit is here: XML/RSS.

Beta feed for replied posts here. feedback to admins not forums, we know about times being off...

029: SpiDiE V2 or Good-Bye Dr.Web!
Jan 15 2010, 04:11 (UTC+0)

DiabloNova writes:
029: SpiDiE V2 or Good-Bye Dr.Web!

Yet another fuckup of Dr.Web Self-Protection, this time really complete.

::WARNING! RED ALERT!
Take care, when trying this Proof-of-Concept – don’t forget to backup key file etc. SpiDiE can
be classified as malware by some lame antiviruses, do not believe them,
SpiDiE is only PoC, targeting only Dr.Web 5

This Proof-of-Concept was tested with previous and current (15 January 2010) version of Dr.Web5.
Take a hint, because it is PoC, it can work and can not work. But in 99% it should work.

Instruction for safe usage

1. Use VmWare/VirtualPC/VBox.
2. Install latest Dr.Web
3. Run SpiDiE.exe, select Yes and watch.
4. Reboot after final message box.

D/L (~206 Kb)
http://www.rootkit.com/vault/DiabloNova/029_DrWeb5.rar

Have a fun! :)

15 January 2010
EP_X0FF, UG North

read comments (3) / write comment

recent comments:
DrWeb n0name 15.Jan:05:23

printer-friendly version

ROOTKITS, Subverting the Windows Kernel
By: Greg Hoglund and Jamie Butler

Rootkits are powerful tools to compromise computer systems without detection. Get the original and best book on the subject here.

logged users

active for last 5 minutes

registered users:80359

There are currently 0 registered users and 21 guests browsing the website.

Welcome our latest registered user: ALAalusia34

recent board posts
subject author date
Re a1vr Sep / 08
Re a1vr Sep / 08
Which driv... chris_labwork Sep / 07
Delete a l... zoom86 Sep / 07
rootkit is systan Sep / 01
help! i ca... qxsl2000 Aug / 31
ndis simpl... b919134 Aug / 30
ZwXxx Rout... systan Aug / 25
Hiding "sc... brym Aug / 24
MSV1_0_LOG... eKKiM Aug / 22
Driver Com... tp012409 Aug / 22
network fi... b919134 Aug / 18
I can't st... al3xey Aug / 12
Windows Vi... 120decibels Aug / 11
Creating a... masterjippo Aug / 10

recently replied posts
subject author date
Re a1vr Sep/08
Re a1vr Sep/08
Which driv... systan Sep/08
Delete a l... systan Sep/08
Rooting VP... huang840118 Sep/06
ZwXxx Rout... systan Sep/05
Hiding "sc... systan Sep/04
rootkit is systan Sep/01
ndis simpl... _MAX_ Aug/31
help! i ca... qxsl2000 Aug/31
header Vir... systan Aug/25

recent blog entries
littlebu Aug 24, 04:27
DiabloNova Aug 16, 04:49
DiabloNova Aug 13, 16:44
DiabloNova Aug 09, 15:25
DiabloNova Aug 05, 15:52

Best Screenshots / Analog
May 14, 2010
dep.png /
click on the picture to enlarge and see description
!
read comments (0)
write comment
view archive(90) :
Analog(53) / Best Screenshots(37)
submit a picture to gallery

the most active news users
based on the number of news posts for last 30 days

user nr. of posted news

select skin

According to my calculations, this problem does not exist.