Post 46 - Rootkits

The majority of Post #42 is true, except for a few things.
Just because some topics on this Forum are over one's head and they cannot make sense of them, does not mean that it should be degraded and passed off as a joke, there are people on this Forum that fully understand the Subjects of the Topics and want to learn more and provide others with their knowledge of the Subjects as well.....yes there is quite a bit of BSing going on here and there, but I for one am here to try to give and provide honest Help and Advice.....and I know there are more people being genuine in Honesty than not.....
Performing a standard Disk Format and Reinstall of the Operating System will render common infections incompatible, but not all Rootkits and their accompanying payload of malware.....Rootkits work from outside the Operating System and can hide in Bad Sectors of the Hard Disk thus have places to hide on the Hard Disk that are essentially outside the Operating System's environment, untouchable by it, yet still at hand.....
Most wiping, erasing, formatting, and partitioning tools will not overwrite logical bad sectors on the Disk, leaving the Rootkits and their accompanying payload of malware behind and still active..... Rootkits in themselves are not a threat.....the danger is that Rootkits have the invincible power of Stealth.....Malicious Programmers can hide their malware safely inside the protection of the Rootkit.....
Rootkits reside in the Root of things, thus the name 'Root' that serve as a protective container for the accompanying payload of malware, or on the bright side, the accompanying payload of Software Code with productive, safe intentions, together they are a 'KIT'.....thus the name 'ROOTKIT'.....and Rootkits are not a joke.....
Once the Computer is compromised by a Rootkit with its accompanying payload of malware, all files in the System cannot be trusted and are likely infected.....this includes all the System files, Software, backups, removable disks, and restore points..... Rootkits can not only hide themselves in Bad Sectors of Hard Disks, they can also hide themselves in the Boot Sectors of Hard Disks, CD/DVD, and Floppy Disks..... Rootkits can also hide in the Firmware of Hardware Components, in the BIOS, Motherboard, Video-card EEPROM or Alternate Data Streams.....
Rootkits hide their processes, files, and folders by using sophisticated hooking and filtering techniques. As a result, traditional methods of viewing the system state typically return no indication of foul play.....the Rootkit makes sure of that. When a Rootkit is cloaked, system utilities such as Task Manager, Regedit, will not be able to expose the processes and Registry data that should betray the presence of the Rootkit. The lurking Rootkit files will not be viewable in Windows Explorer or even via the command line.....The Rootkit needs to be uncloaked, in return the Malware Components it was hiding become uncloaked as well.....
Removing a Rootkit is a two-step process:
1). Uncloaking and removing the Rootkit.....this step involves using special Software tools that can find the Rootkit and remove it.
2). Removing the malware payload associated with the Rootkit.....this step normally uses conventional security programs such as Anti-Virus, Anti-Trojan, and Anti-Spyware scanners. This step may also involve manual deletion of some stubborn Rootkit components.
Some helpful tools to help detect and remove Rootkits are: RootkitRevealer by Microsoft, Rootkit_Detective by McAfee, BlackLight by F-Secure, UnHackMe by Greatis, AVG Anti-rootkit by Grisoft to name a few.....
-drdos
https://forum.kaspersky.com/index.php?showtopicP275&hl=BoaterDave&stE
--

*Can an Apple OS X system suffer from a Rootkit infection too*?
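
The quoted post says a cloaked rootkit keeps its files out of listings taken on the running system. The following is an added example, not part of the original thread or of any tool named in it: a cross-view comparison that diffs a live listing against a listing of the same disk taken offline. All paths are constructed sample data and the function names are hypothetical.

```python
import ntpath

# Constructed sample data, not taken from a real system.
# API_VIEW: directory listing returned by the running (possibly hooked) OS.
API_VIEW = [
    r"C:\Windows\System32\drivers\disk.sys",
    r"C:\Windows\System32\drivers\ntfs.sys",
    r"C:\Users\alice\report.txt",
]
# RAW_VIEW: the same volume listed offline, e.g. from trusted boot media.
RAW_VIEW = [
    r"c:\windows\system32\drivers\DISK.SYS",
    r"C:\Windows\System32\drivers\ntfs.sys",
    r"C:\Windows\System32\drivers\examplehid.sys",
    r"C:\Users\alice\report.txt",
    r"C:\Users\alice\report.txt:payload.bin",
]


def normalize(path):
    """Fold case and separators so both views compare reliably."""
    return ntpath.normcase(ntpath.normpath(path))


def is_stream(path):
    """True if the entry names an NTFS alternate data stream (file:stream)."""
    _drive, tail = ntpath.splitdrive(path)
    return ":" in ntpath.basename(tail)


def cross_view(api_view, raw_view):
    """Diff the two listings; anything only the raw view sees needs review."""
    api = {normalize(p) for p in api_view}
    raw = {normalize(p) for p in raw_view}
    missing = raw - api
    return {
        # Files on disk that the live listing did not report.
        "hidden_files": sorted(p for p in missing if not is_stream(p)),
        # Streams never appear in a plain listing, so these are leads, not proof.
        "hidden_streams": sorted(p for p in missing if is_stream(p)),
        # Usually files created or deleted between the two scans.
        "only_in_api": sorted(api - raw),
    }


if __name__ == "__main__":
    for kind, paths in cross_view(API_VIEW, RAW_VIEW).items():
        print(kind, paths)
```

A discrepancy is a lead for the second removal step the post describes, not a verdict: legitimate files can change between the two scans.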


So-called "rootkits" are just another tool to scare the public into buying the services of "anti-malware" code writers. "Rootkits" are practically impossible to deliver and easily defeated by reinstalling a clean OS, or simply a clean image. Even if hidden on a HD, the malware becomes simple garbage. It has no way of being executed. Just scare tactics. But it works.
On Sun, 7 May 2017 09:13:11 +0100, "David B."
Talking to yourself again?
You've lost it. Stark raving crazy.
[]'s
--
Don't be evil - Google 2004
We have a new policy - Google 2012
On 07/05/2017 16:04, Shadow wrote:

Do you agree with William Bowtrain?
--
"The important thing is not to stop questioning."
- Albert Einstein
On Sun, 7 May 2017 16:28:20 +0100, "David B."

About what? Explain what he said.
[]'s
--
Don't be evil - Google 2004
We have a new policy - Google 2012
On 07/05/2017 22:20, Shadow wrote:

He said ....
So-called "rootkits" are just another tool to scare the public into buying the services of "anti-malware" code writers. "Rootkits" are practically impossible to deliver and easily defeated by reinstalling a clean OS, or simply a clean image. Even if hidden on a HD, the malware becomes simple garbage. It has no way of being executed. Just scare tactics. But it works.
--
"The important thing is not to stop questioning."
- Albert Einstein
On Sun, 7 May 2017 23:54:43 +0100, "David B."

No, in your own words. Explain what a rootkit is and how you would go about removing one (if possible).
It's your thread. I'm amazed you have not contributed anything other than 2 completely Off Topic cut and pastes.
[]'s
--
Don't be evil - Google 2004
We have a new policy - Google 2012
On 08/05/2017 00:12, Shadow wrote:

A rootkit is a stealthy type of malicious software designed to lie hidden on a computer and remain undetected by antivirus software. It enables continued administrative access to a computer, allowing access to your personal information. Rootkits are frequently used in combination with other malware to hide them from users and security products.
There are a number of products available on-line which purport to find and remove rootkits but I suspect that none of them would leave you totally confident that your computer is 'clean' afterwards.
The main target market was Microsoft Windows but nowadays Apple computers are also being targeted.
--
"Do something wonderful, people may imitate it." (Albert Schweitzer)


On Tue, 9 May 2017 08:45:26 +0100, "David B."

So, you have no idea what a rootkit is?
So why the post? STALKING?
[]'s
--
Don't be evil - Google 2004
We have a new policy - Google 2012
On 10/05/2017 14:28, Shadow wrote:

Seems that you are a tad brighter than dear Dustin! :-)
I've used ESET in years gone by. They have a good reputation.
--
"Do something wonderful, people may imitate it." (Albert Schweitzer)


Wed, 10 May 2017 21:38:51 GMT in alt.home.repair, wrote:

LOL! Are you trying to recruit him? I didn't bother to search for any of the keywords in the post you lifted, David. So, I had no idea where you stole it. But, it's not 100% accurate, either.
That wouldn't be the first time an antivirus company has gotten things wrong though.
See this one:
https://www.f-secure.com/v-descs/irok.shtml
And indeed, the virus has corrupted files on the hard drive during this event. Technical Details: Katrin Tocheva, Sami Rautiainen and Alexey Podrezov, F-Secure
Which is not true. Irok doesn't corrupt the hard disk, doesn't format the hard disk, either. I successfully tricked those experts and infected users alike into thinking it did, by using an old copy protection trick from the 80s. Neat eh? Simple, too. Very simple.
That's not the only incorrect statement they wrote concerning it, either. It's just the funniest. Here's one from your favorite antivirus expert's former employer:
https://www.sophos.com/en-us/threat-center/threat-analyses/viruses-and-spyware/Irok-10000/detailed-analysis.aspx
The virus may corrupt the data on the hard drive.
It does no such thing.
--
I would like to apologize for not having offended you yet.
Please be patient. I will get to you shortly.
10 May 2017 13:28:30 GMT in alt.home.repair, wrote:
[snip]

That's where he swiped it? ROFL.

Would there be any other reason?
--
I would like to apologize for not having offended you yet.
Please be patient. I will get to you shortly.
On Sun, 7 May 2017 09:13:11 +0100, David B. wrote:

A rootkit is just an exploit of software bug(s). If software doesn't have any bug that causes an unhandled error, it can't be exploited.
In the real world, rootkits are less harmful than scamware. Because believe it or not, software has more defensive measures than most users.
On 08/05/2017 14:24, JJ wrote:

Thanks for your post, JJ, but I think you should heed the words of Dustin (posting here as Diesel).
You might like to explore some of the leads you can find here, too:-
https://duckduckgo.com/?q=finding+a+rootkit+on+OS+X&bext=msl&atb=v63-1&ia=web
Have a great day! :-)
--
"The important thing is not to stop questioning."
- Albert Einstein

HomeOwnersHub.com is a website for homeowners and building and maintenance pros. It is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.