2006-07-16 07:50:00 · 4 answers · asked by Jim W 1 in Computers & Internet ➔ Security
There is a new buzz word on the Internet these days called “rootkit.” Rootkits are a new form of malware. They are difficult to detect and harder to remove. They pose a greater danger than your typical viruses and spyware. What makes them unique is their ability to hide themselves from antivirus and anti-spyware scanners. They accomplish this by hiding in a system’s processes. They are invisible to the task manager. Once installed, they are notoriously difficult to remove (1). Oftentimes, rootkits are used in conjunction with Trojans. Rootkits hides the presence of Trojans, allowing them to record keystrokes, harvest passwords and etc..
Some of the biggest vendors are testing beta versions of their antirootkit scanners, including F-Secure’s Blacklight, BitDefender’s UnCover, Microsoft’s Windows Defender and Sysinternal’s Rootkit Revealer. All these beta versions are available for free. They can both scan and remove rootkits safely. Important, Windows Defender is available only to Windows user’s that have a genuine license copy of Windows
1.Microsoft: Stealth Rootkits Are Bombarding XP SP2 Boxes – eweek.com
2.Sony, Rootkits and Digital Rights Management Gone Too Far -- Mark’s Systinternal Blog
3.New Rootkit Detectors Help Protect You and Your PC – pcworld.com
2006-07-16 08:32:26 · answer #1 · answered by What the...?!? 6 · 0⤊ 0⤋
A rootkit is a collection of tools (programs) that enable administrator-level access to a computer or computer network. Typically, a cracker installs a rootkit on a computer after first obtaining user-level access, either by exploiting a known vulnerability or cracking a password. Once the rootkit is installed, it allows the attacker to mask intrusion and gain root or privileged access to the computer and, possibly, other machines on the network.
A rootkit may consist of spyware and other programs that: monitor traffic and keystrokes; create a "backdoor" into the system for the hacker's use; alter log files; attack other machines on the network; and alter existing system tools to escape detection.
The presence of a rootkit on a network was first documented in the early 1990s. At that time, Sun and Linux operating systems were the primary targets for a hacker looking to install a rootkit. Today, rootkits are available for a number of operating systems, including Windows, and are increasingly difficult to detect on any network.
Rootkits have become more common and their sources more surprising. In late October of 2005, security expert Mark Russinovich of Sysinternals discovered that he had a rootkit on his own computer that had been installed as part of the digital rights management (DRM) component on a Sony audio CD. Experts worry that the practice may be more widespread than the public suspects and that attackers could exploit existing rootkits. "This creates opportunities for virus writers," said Mikko Hypponen, director of AV research for Finnish firm F-Secure Corp. "These rootkits can be exploited by any malware, and when it's used this way, it's harder for firms like ours to distinguish the malicious from the legitimate."
A number of vendors, including Microsoft, F-Secure, and Sysinternals, offer applications that can detect the presence of rootkits. If a rootkit is detected, however, the only sure way to get rid of it is to completely erase the computer's hard drive and reinstall the operating system.
2006-07-16 07:56:28 · answer #2 · answered by EG345 4 · 0⤊ 0⤋
rootkits get into your computer
they are very hard to stop
go to download.com
get ashampoo antispyware
it has a rootkit scanner and delete the rootkit
good luck!
2006-07-16 07:56:22 · answer #3 · answered by livingforjesus231 5 · 0⤊ 0⤋
NEVER put a sony music CD in your computer.
go to download.com and look for tools to check out your computer and make sure it is free of nasty things.
2006-07-16 07:55:02 · answer #4 · answered by brainiac 4 · 0⤊ 0⤋