rootkits on new pc?
in [Windows XP]
|
Prev: Drivers
Next: Print menu not displaying properly?
From: David H. Lipman on 19 Feb 2010 22:32 From: "20100220" <20100220(a)discussions.microsoft.com> | "David H. Lipman" <DLipman~nospam~@Verizon.Net> wrote in message | news:ec6RZqdsKHA.3908(a)TK2MSFTNGP05.phx.gbl... >> No ! >> "Published: November 1, 2006" >> Too old and hasn't been updated. | The concept of rootkits haven't changed and so the solution of 2006 is still | valid and works well. Most Anti-Virus programs have embedded this solution | in their products as well. | I guess Mark should have re-dated and re-brandied his product to 2010 and | changed the article superficially to satisfy the target audience. | hth The concept may be static but NOT the techniques! If one was to scan for a RootKit, Gmer would be a far better tactic. However, it is not a good idea to feed this guts delusion. If he is worried about buying a NEW PC, then he should by it void of an OS and install the OS himself. -- Dave http://www.claymania.com/removal-trojan-adware.html Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp
From: PA Bear [MS MVP] on 20 Feb 2010 02:52 David H. Lipman wrote: > From: "Sam Spade" <sam(a)spadeandarcher.com> > >> I just ordered a new pc from a small system builder. It will have Windows >> 7 >> Ultimate. > >> I'm not accusing anyone of anything, but how can I tell whether it comes >> with a rootkit installed? > > Wipe it and install the OS yourself! +1 Take care of everything on the following page before otherwise connecting a new computer to the internet or a local network (i.e., other computers) and before using a flash drive or SDCard that isn't brand-new or hasn't been freshly formatted: 4 steps to help protect your new computer before you go online http://www.microsoft.com/security/pypc.aspx
From: philo on 20 Feb 2010 06:37 Sam Spade wrote: > I just ordered a new pc from a small system builder. It will have Windows 7 > Ultimate. > > I'm not accusing anyone of anything, but how can I tell whether it comes > with a rootkit installed? > > > Run a full scan with an anti-virus program that can detect root kits I used Avast to find one hidden in a "system restore" folder also run Malwarebytes My guess is that a new machine would not come with a root kit
From: Alias on 20 Feb 2010 06:51 Sam Spade wrote: > I just ordered a new pc from a small system builder. It will have Windows 7 > Ultimate. > > I'm not accusing anyone of anything, but how can I tell whether it comes > with a rootkit installed? > > > Don't let them install Windows 7. Get the Win7 DVD with your computer and do it yourself. If they've already installed it, wipe the disk and install it again. Make sure you get the Windows 7 DVD. -- Alias
From: MowGreen on 20 Feb 2010 14:41
The advice about installing the OS yourself to avoid a "pre installed" root kit will *almost* guarantee that an RK will not be present. BUT, there are other methods that can be used by a computer manufacturer that are almost impossible to detect. In one scenario, the root kit can be installed to a layer between the hardware and the OS which is called a hypervisor - http://searchsecurity.techtarget.com.au/articles/27889-Is-it-possble-to-un-install-a-rootkit- " A rootkit hypervisor is an even more powerful and dangerous beast. A hypervisor is a layer of virtualisation software that runs between the operating system and hardware, acting as a virtual machine monitor. A rootkit hypervisor doesn't rely on hacking the kernel. It takes control by running the original operating system in a VM or virtual machine. By controlling the complete universe in which an operating system runs, it can deceive any operating system running inside it, thus defeating any security defenses running on the guest VM. This means there's really no practical way to detect it except through extreme measures. " The following article provides a detailed explanation of RKs and the differing types, of which there are at least 5 : http://www.anvir.com/rootkit.htm " Here's lookin' at you, kid " MowGreen ================ *-343-* FDNY Never Forgotten ================ banthecheck.com "Security updates should *never* have *non-security content* prechecked Sam Spade wrote: > I just ordered a new pc from a small system builder. It will have Windows 7 > Ultimate. > > I'm not accusing anyone of anything, but how can I tell whether it comes > with a rootkit installed? > > > |