Post 46 - Rootkits

The majority of Post #42 is true, except for a few things.

Just because some topics on this Forum are over one's head and they cannot make sense of them does not mean that they should be degraded and passed off as a joke; there are people on this Forum that fully understand the Subjects of the Topics and want to learn more and provide others with their knowledge of the Subjects as well.....yes there is quite a bit of BSing going on here and there, but I for one am here to try to give and provide honest Help and Advice.....and I know there are more people being genuine in Honesty than not.....

Performing a standard Disk Format and Reinstall of the Operating System will render common infections incompatible, but not all Rootkits and their accompanying payload of malware.....Rootkits work from outside the Operating System and can hide in Bad Sectors of the Hard Disk, thus they have places to hide on the Hard Disk that are essentially outside the Operating System's environment, untouchable by it, yet still at hand.....

Most wiping, erasing, formatting, and partitioning tools will not overwrite logical bad sectors on the Disk, leaving the Rootkits and their accompanying payload of malware behind and still active..... Rootkits in themselves are not a threat.....the danger is that Rootkits have the invincible power of Stealth.....Malicious Programmers can hide their malware safely inside the protection of the Rootkit.....

Rootkits reside in the Root of things, thus the name 'Root', and serve as a protective container for the accompanying payload of malware, or on the bright side, the accompanying payload of Software Code with productive, safe intentions; together they are a 'KIT'.....thus the name 'ROOTKIT'.....and Rootkits are not a joke.....

Once the Computer is compromised by a Rootkit with its accompanying payload of malware, all files in the System cannot be trusted and are likely infected.....this includes all the System files, Software, backups, removable disks, and restore points..... Rootkits can not only hide themselves in Bad Sectors of Hard Disks, they can also hide themselves in the Boot Sectors of Hard Disks, CDs/DVDs, and Floppy Disks..... Rootkits can also hide in the Firmware of Hardware Components, in the BIOS, Motherboard, Video-card EEPROM or Alternate Data Streams.....

Rootkits hide their processes, files, and folders by using sophisticated hooking and filtering techniques. As a result, traditional methods of viewing the system state typically return no indication of foul play.....the Rootkit makes sure of that. When a Rootkit is cloaked, system utilities such as Task Manager and Regedit will not be able to expose the processes and Registry data that should betray the presence of the Rootkit. The lurking Rootkit files will not be viewable in Windows Explorer or even via the command line.....The Rootkit needs to be uncloaked, and in turn the Malware Components it was hiding become uncloaked as well.....

Removing a Rootkit is a two-step process:

1). Uncloaking and removing the Rootkit.....this step involves using special Software tools that can find the Rootkit and remove it.

2). Removing the malware payload associated with the Rootkit.....this step normally uses conventional security programs such as Anti-Virus, Anti-Trojan, and Anti-Spyware scanners. This step may also involve manual deletion of some stubborn Rootkit components.

Some helpful tools to help detect and remove Rootkits are: RootkitRevealer by Microsoft, Rootkit_Detective by McAfee, BlackLight by F-Secure, UnHackMe by Greatis, AVG Anti-rootkit by Grisoft to name a few.....

-drdos
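The post above describes rootkits filtering what system utilities see and anti-rootkit tools uncloaking them. The following is an added example, not code from the thread or from any of the tools named: it simulates a filter hook inside a single Python process (a monkeypatch of os.listdir, nothing more) and shows the cross-view detection idea, comparing the hooked high-level view against an independent enumeration (os.scandir) and reporting the entries that differ. The file names are constructed for the demo.

```python
"""Cross-view detection of a hidden directory entry (added illustration).

The 'hook' is only a replacement of os.listdir inside this interpreter,
constructed for the demo. The detector never trusts that function alone:
it enumerates the same directory through os.scandir, which is a separate
code path, and reports names that one view has and the other lacks.
"""
import os
import tempfile

HIDDEN_NAME = "hidden_payload.dll"   # constructed sample name for the demo
_real_listdir = os.listdir            # keep the original to restore it later


def hooked_listdir(path="."):
    """Simulated filter hook: silently drops the hidden entry."""
    return [n for n in _real_listdir(path) if n != HIDDEN_NAME]


def install_hook():
    os.listdir = hooked_listdir


def remove_hook():
    os.listdir = _real_listdir


def high_level_view(path):
    """What a utility that trusts the (possibly hooked) API would see."""
    return set(os.listdir(path))


def low_level_view(path):
    """Independent enumeration that does not go through os.listdir."""
    with os.scandir(path) as it:
        return {entry.name for entry in it}


def cross_view_diff(path):
    """Names visible to the raw enumeration but missing from the API view."""
    return low_level_view(path) - high_level_view(path)


def demo(hooked=True):
    """Create a temp dir with two files and return the hidden-entry set."""
    with tempfile.TemporaryDirectory() as d:
        for name in ("notes.txt", HIDDEN_NAME):
            open(os.path.join(d, name), "w").close()
        if hooked:
            install_hook()
        try:
            return cross_view_diff(d)
        finally:
            remove_hook()


if __name__ == "__main__":
    print("hidden entries with hook installed:", demo(True))
    print("hidden entries without hook:", demo(False))
```

A real anti-rootkit tool applies the same comparison between a Windows API listing and the raw on-disk or in-kernel structures; the discrepancy, not the content, is the signal.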


Reply to
David B.

So-called "rootkits" are just another tool to scare the public into buying the services of "anti-malware" code writers. "Rootkits" are practically impossible to deliver and easily defeated by reinstalling a clean OS, or simply a clean image. Even if hidden on a HD, the malware becomes simple garbage. It has no way of being executed. Just scare tactics. But it works.

Reply to
William Bowtrain

Talking to yourself again ? You've lost it. Stark raving crazy. []'s

Reply to
Shadow

Do you agree with William Bowtrain?

Reply to
David B.

About what ? Explain what he said. []'s

Reply to
Shadow

He said ....

So-called "rootkits" are just another tool to scare the public into buying the services of "anti-malware" code writers. "Rootkits" are practically impossible to deliver and easily defeated by reinstalling a clean OS, or simply a clean image. Even if hidden on a HD, the malware becomes simple garbage. It has no way of being executed. Just scare tactics. But it works.

Reply to
David B.

No, in your own words. Explain what a rootkit is and how you would go about removing one (if possible). It's your thread. I'm amazed you have not contributed anything other than 2 completely Off Topic cut and pastes. []'s

Reply to
Shadow

A rootkit is just an exploit of software bug(s). If a piece of software doesn't have any bug that causes an unhandled error, it can't be exploited.

In the real world, rootkits are less harmful than scamware. Because, believe it or not, software has more defensive measures than most users.

Reply to
JJ

A rootkit is a stealthy type of malicious software designed to lie hidden on a computer and remain undetected by antivirus software. It enables continued administrative access to a computer, allowing access to your personal information. Rootkits are frequently used in combination with other malware to hide them from users and security products.

There are a number of products available on-line which purport to find and remove rootkits but I suspect that none of them would leave you totally confident that your computer is 'clean' afterwards.

The main target market was Microsoft Windows but nowadays Apple computers are also being targeted.

Reply to
David B.

Thanks for your post, JJ, but I think you should heed the words of Dustin (posting here as Diesel).

You might like to explore some of the leads you can find here, too:-

formatting link

Have a great day! :-)

Reply to
David B.

So, you have no idea what a rootkit is? So why the post? STALKING? []'s

Reply to
Shadow

Seems that you are a tad brighter than dear Dustin! :-)

I've used ESET in years gone by. They have a good reputation.

Reply to
David B.
[snip]

That's where he swiped it? ROFL.

Would there be any other reason?

Reply to
Diesel

LOL! Are you trying to recruit him? I didn't bother to search for any of the keywords in the post you lifted, David. So, I had no idea where you stole it. But, it's not 100% accurate, either.

That wouldn't be the first time an antivirus company has gotten things wrong though.

See this one:

formatting link

And indeed, the virus has corrupted files on the hard drive during this event. Technical Details: Katrin Tocheva, Sami Rautiainen and Alexey Podrezov, F-Secure

Which is not true. Irok doesn't corrupt the hard disk, and doesn't format the hard disk, either. I successfully tricked those experts and infected users alike into thinking it did, by using an old copy protection trick from the 80s. Neat eh? Simple, too. Very simple.

That's not the only incorrect statement they wrote concerning it, either. It's just the funniest. Here's one from your favorite antivirus expert's former employer:

formatting link
The virus may corrupt the data on the hard drive.

It does no such thing.

Reply to
Diesel
