Posted to alt.computer.workshop,alt.home.repair
David B.
Post 46 - Rootkits

The majority of Post #42 is true, except for a few things.

Just because some topics on this Forum are over one's head and they cannot make sense of them does not mean that they should be degraded and passed off as a joke. There are people on this Forum who fully understand the Subjects of the Topics and want to learn more and provide others with their knowledge of the Subjects as well.....yes, there is quite a bit of BSing going on here and there, but I for one am here to try to give and provide honest Help and Advice.....and I know there are more people being genuine in Honesty than not.....

Performing a standard Disk Format and Reinstall of the Operating System will render common infections incompatible, but not all Rootkits and their accompanying payload of malware.....Rootkits work from outside the Operating System and can hide in Bad Sectors of the Hard Disk, thus they have places to hide on the Hard Disk that are essentially outside the Operating System's environment, untouchable by it, yet still at hand.....

Most wiping, erasing, formatting, and partitioning tools will not overwrite logical bad sectors on the Disk, leaving the Rootkits and their accompanying payload of malware behind and still active.....
Rootkits in themselves are not a threat.....the danger is that Rootkits have the invincible power of Stealth.....Malicious Programmers can hide their malware safely inside the protection of the Rootkit.....

Rootkits reside in the Root of things, thus the name 'Root'; they serve as a protective container for the accompanying payload of malware, or on the bright side, the accompanying payload of Software Code with productive, safe intentions; together they are a 'KIT'.....thus the name 'ROOTKIT'.....and Rootkits are not a joke.....

Once the Computer is compromised by a Rootkit with its accompanying payload of malware, all files in the System cannot be trusted and are likely infected.....this includes all the System files, Software, backups, removable disks, and restore points.....
Rootkits can not only hide themselves in Bad Sectors of Hard Disks, they can also hide themselves in the Boot Sectors of Hard Disks, CD/DVD, and Floppy Disks.....
Rootkits can also hide in the Firmware of Hardware Components, in the BIOS, Motherboard, Video-card EEPROM or Alternate Data Streams.....

Rootkits hide their processes, files, and folders by using sophisticated hooking and filtering techniques. As a result, traditional methods of viewing the system state typically return no indication of foul play.....the Rootkit makes sure of that.
When a Rootkit is cloaked, system utilities such as Task Manager and Regedit will not be able to expose the processes and Registry data that should betray the presence of the Rootkit. The lurking Rootkit files will not be viewable in Windows Explorer or even via the command line.....The Rootkit needs to be uncloaked; in return, the Malware Components it was hiding become uncloaked as well.....

Removing a Rootkit is a two-step process:

1). Uncloaking and removing the Rootkit.....this step involves using special Software tools that can find the Rootkit and remove it.

2). Removing the malware payload associated with the Rootkit.....this step normally uses conventional security programs such as Anti-Virus, Anti-Trojan, and Anti-Spyware scanners. This step may also involve manual deletion of some stubborn Rootkit components.

Some helpful tools to help detect and remove Rootkits are RootkitRevealer by Microsoft, Rootkit_Detective by McAfee, BlackLight by F-Secure, UnHackMe by Greatis, AVG Anti-rootkit by Grisoft, to name a few.....

-drdos

https://forum.kaspersky.com/index.ph...aterDave&st=45

--

*Can an Apple OS X system suffer from a Rootkit infection too*?

--
David B.
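The "uncloaking" the quoted post describes is, in tools like RootkitRevealer, a cross-view comparison: an API-level listing (the one a hooked Task Manager or Explorer sees) is diffed against a lower-level listing that the hook cannot filter, and anything present only in the low-level view is the cloaked object. The script below is an added illustration of that comparison; it is not code from the original post nor from any of the tools named in it. The sample process views are constructed, and the Linux live mode (the `/proc` listing as the API view, signal-0 probing as the raw view) is an assumption about the environment it runs on; the function names `cross_view_diff`, `stable_hidden` and `linux_live_views` are mine.

```python
"""Cross-view detection: the uncloaking idea behind tools such as RootkitRevealer.

A cloaking rootkit hooks the APIs that Task Manager, Explorer and Regedit call and
filters its own entries out of the results. A second, lower-level view of the same
objects (a raw walk of the kernel's structures, or simply probing every possible PID)
is not filtered. Entries present in the raw view but missing from the API view are
the cloaked items. Added example; the sample data below is constructed.
"""
import os

# Constructed sample views (not real system output): (pid, image name) pairs.
SAMPLE_API_VIEW = [(4, "System"), (512, "winlogon.exe"), (1044, "explorer.exe")]
SAMPLE_RAW_VIEW = [(4, "System"), (512, "winlogon.exe"),
                   (1044, "explorer.exe"), (2280, "svch0st.exe")]


def cross_view_diff(api_view, raw_view):
    """Return (hidden, phantom).

    hidden  = entries the raw view has but the API view lacks: cloaked objects.
    phantom = entries the API view has but the raw view lacks: usually objects that
              went away between the two snapshots (timing noise), not cloaking.
    """
    api, raw = set(api_view), set(raw_view)
    return sorted(raw - api), sorted(api - raw)


def stable_hidden(api_before, raw_view, api_after):
    """Hidden entries that survive a before/after pair of API snapshots.

    A process started after the first API snapshot but before the raw walk would
    look 'hidden' in a single comparison. Requiring absence from BOTH API snapshots
    removes that race for anything still alive at the second snapshot.
    """
    hidden_once, _ = cross_view_diff(api_before, raw_view)
    later = set(api_after)
    return [entry for entry in hidden_once if entry not in later]


def linux_live_views(max_pid=None):
    """Linux only: return (api_before, raw_view, api_after) as sets of PIDs, or None.

    api view: PIDs the /proc listing shows (what ps and top rely on).
    raw view: PIDs that answer kill(pid, 0); a process hidden from the /proc listing
              still answers. Thread IDs answer too, so non-leader TIDs of visible
              processes are removed to avoid false positives.
    """
    if not os.path.isdir("/proc"):
        return None
    if max_pid is None:
        try:
            with open("/proc/sys/kernel/pid_max") as fh:
                max_pid = min(int(fh.read().strip()), 65536)  # cap keeps the walk quick
        except OSError:
            max_pid = 32768

    def proc_listing():
        return {int(n) for n in os.listdir("/proc") if n.isdigit()}

    def visible_threads():
        tids = set()
        for pid in proc_listing():
            try:
                tids.update(int(t) for t in os.listdir(f"/proc/{pid}/task"))
            except OSError:
                continue  # process exited while we looked
        return tids

    api_before = proc_listing()
    raw = set()
    for pid in range(1, max_pid + 1):
        try:
            os.kill(pid, 0)      # signal 0: existence check, nothing is delivered
            raw.add(pid)
        except ProcessLookupError:
            continue
        except PermissionError:
            raw.add(pid)         # exists, but belongs to another user
    api_after = proc_listing()
    # Drop TIDs that belong to processes we can already see; they are not cloaked.
    raw -= visible_threads() - api_before - api_after
    return api_before, raw, api_after


if __name__ == "__main__":
    hidden, phantom = cross_view_diff(SAMPLE_API_VIEW, SAMPLE_RAW_VIEW)
    print("constructed sample: hidden =", hidden, "phantom =", phantom)
    live = linux_live_views()
    if live:
        before, raw, after = live
        print("live /proc vs signal-0: hidden PIDs =", stable_hidden(before, raw, after))
```

Anything the live mode reports is a lead, not a verdict: PID namespaces, containers and processes exiting mid-walk all produce differences that have nothing to do with cloaking, which is why the before/after snapshot pair and the thread-ID filter are there, and why a hit should be confirmed from a second, offline view of the disk rather than trusted on its own.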