Discussion in 'Bloody Computers' started by NotmeChief, Sep 3, 2007.

  1. Sony have done it again and introduced another rootkit, this time with a piece of USB hardware.

    For those that don't know what a 'rootkit' is, it is a mask or cloak used to shield a piece of software buried within the system or kernel that you don't want anyone to find.
    These rootkits have been taken up by virus writers and used to hide their nasty product from the increasingly sophisticated anti-virus and anti-spyware programs who can't find them because they can't see them.

    McAfee has just released a 'rootkit remover' and it is free to download and use. I would suggest anyone worried about security of their PC use it.

    Rootkit detection and remover.

    This works for all rootkits not just the Sony ones.
  2. For most people a rootkit can be viewed as just another virus, although if you get a sophisticated one on your PC you're buggered, hence the panic messages a while back.

    The thing is referred to as a rootkit because it's something which has permission to run as 'root' or achieved what only the 'root' should be able to do - 'root' is the Linux super-user who can do anything on the system, including altering the programming of the operating system.

    The name is also used for Windows PCs, Macs and it means that a piece of the operating system code has been rewritten to hide nasty activity - as described by notmechief. This could of course be something that interferes with the ability of your virus scanner to detect it.

    Another example might be the rewriting of the 'show all network connections' tool to not show the connection from your PC to.. (insert organisation). Paranoid?

    The particular problem with the rootkit is that in the worst case it is almost undetectable from within the target operating system (i.e. your Windows installation), since a rootkit itself can control the system completely. In theory, and demonstrated although I've no idea if used, the rootkit could be a complete operating system in its own right with your visible Windows running inside it. It controls everything going into, out of and inside the PC.

    Just thought I'd put that straight.

    But, like I said at the start, for most people for most computer use it should just be viewed as a virus. Don't ever view your PC as secure though.
  3. The link comes up with the McAfee website but the URL is

    Not sure I'm prepared to trust this download.
  4. It is the McAfee site and safe to access. A word of warning though, the results you get from the finder will need interpreting so it may be ok to see what, if any, you have but unless you're familiar and happy to play with the registry (no, not that one where the wrens hide out), you will only know and not be able to clean.
  5. I have the Anti rootkit finder on my Home PC - free (I like that word) from AVG. I can't post the link as I can't remember it - but google will help you out!
    The AVG Rootkit detector seeks them out, stops them and allows you to remove them, fully and cleanly. Found one on my PC - not there now, it was the lovely Sony music one!

    I'd love to have the knowledge to write one - or a virus - then be able to sell that talent to Sophos or Symantec for a living so they can employ me in their IT dept ........ I can dream...... mmmmmmm
  6. There's already enough spyware in Symantec so doubt if they would need another coder.
  7. Use Hijack This (google it) to see what's REALLY happening in your PC.

    Also make sure that you have very good antivirus software installed.

    I used to be successfully attacked roughly every six months or so until I changed to Nod32. I have (touches wood) not had a virus since. It really is the best I've seen :)
  8. Don't be so sure Lamri. A rootkit is a 'mask' that is used to disguise software, so unless you are sure you have no rootkits, then you can't be sure you have no spyware or virus.
  9. Oh I know NmC :)
  10. Look up the Hiren's BootCD. It's at v9.3 now and has some amazing tools, inc. rootkit revealers.
  11. Practice safe hex and you wouldn't need to worry about that stuff...but then the internet would be boring right... :thumright:
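
Added example, not part of the thread: post 2 says a rootkit can rewrite the 'show all network connections' tool and is almost undetectable from inside the PC, so one way to check is to compare the PC's own listing with a record kept by a device it does not control. The sample data, the router log format, the addresses and all function names are constructed for illustration (IPv4 only).

```python
import ipaddress

# Constructed sample: output of the PC's own connection-listing tool.
HOST_VIEW = """\
Proto  Local Address        Foreign Address      State
TCP    192.168.1.20:49712   192.0.2.10:443       ESTABLISHED
TCP    192.168.1.20:49713   198.51.100.7:80      ESTABLISHED
TCP    192.168.1.20:135     0.0.0.0:0            LISTENING
"""

# Constructed sample: flows logged by the router, outside the PC.
# Line format is an assumption: src:port -> dst:port proto
GATEWAY_VIEW = """\
192.168.1.20:49712 -> 192.0.2.10:443 tcp
192.168.1.20:49713 -> 198.51.100.7:80 tcp
192.168.1.20:49720 -> 203.0.113.50:8443 tcp
192.168.1.31:50100 -> 192.0.2.10:443 tcp
"""

def endpoint(text):
    host, _, port = text.rpartition(":")
    return str(ipaddress.ip_address(host)), int(port)

def parse_host_view(text):
    """Established connections as the (possibly subverted) PC reports them."""
    flows = set()
    for line in text.splitlines():
        f = line.split()
        if len(f) == 4 and f[3] == "ESTABLISHED":
            flows.add((f[0].lower(), endpoint(f[1]), endpoint(f[2])))
    return flows

def parse_gateway_view(text, host_ip):
    """Flows from host_ip as seen by a device the PC does not control."""
    flows = set()
    for line in text.splitlines():
        f = line.split()
        if len(f) == 4 and f[1] == "->" and endpoint(f[0])[0] == host_ip:
            flows.add((f[3].lower(), endpoint(f[0]), endpoint(f[2])))
    return flows

def unreported_flows(host_text, gateway_text, host_ip):
    """Flows the outside view saw but the PC's own tool did not list."""
    return sorted(parse_gateway_view(gateway_text, host_ip) - parse_host_view(host_text))

if __name__ == "__main__":
    for proto, src, dst in unreported_flows(HOST_VIEW, GATEWAY_VIEW, "192.168.1.20"):
        print(f"not shown by the PC: {proto} {src[0]}:{src[1]} -> {dst[0]}:{dst[1]}")
```

A connection that opened and closed between snapshots will also show up as a mismatch, so a hit is a reason to look closer (for example from a boot CD), not proof of a rootkit.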