#1
Rootkit prevent
Is there anything we can do to prevent rootkits from getting installed?
I am talking specifically ones like SecuROM which exists on some Sony music CDs and any number of EA games software. There isn't a specific EULA for SecuROM and uninstalling EA software doesn't remove the SecuROM rootkit.
#2
No.
--- Leonard Grey
Errare humanum est
"A Day in the Life of a Web 2.0 Hacker" - PC Magazine http://www.pcmag.com/article2/0,2817,2330952,00.asp

wjr wrote:
Is there anything we can do to prevent rootkits from getting installed? I am talking specifically ones like SecuROM which exists on some Sony music CDs and any number of EA games software. There isn't a specific EULA for SecuROM and uninstalling EA software doesn't remove the SecuROM rootkit.
#3
wjr wrote:
Is there anything we can do to prevent rootkits from getting installed? I am talking specifically ones like SecuROM which exists on some Sony music CDs and any number of EA games software. There isn't a specific EULA for SecuROM and uninstalling EA software doesn't remove the SecuROM rootkit.

You build it - someone will want to hack it for their own purpose. (... and likely will.)

-- Shenan Stanley MS-MVP
-- How To Ask Questions The Smart Way http://www.catb.org/~esr/faqs/smart-questions.html
#4
"wjr" wrote in message ...
Is there anything we can do to prevent rootkits from getting installed? I am talking specifically ones like SecuROM which exists on some Sony music CDs and any number of EA games software. There isn't a specific EULA for SecuROM and uninstalling EA software doesn't remove the SecuROM rootkit.

It may help to be logged in as a Limited User and to use a reputable anti-virus program that is maintained with current definitions. Some AV programs include anti-rootkit scanning.

-- Allan
#5
I owe the OP more than the simple 'no' I initially provided.
The thing about a rootkit is that it masquerades as part of the operating system. That makes it invisible to applications, which rely on the operating system. The operating system is lying to them.

Anti-malware software has learned some tricks from rootkits and can try to look for them. But the only way to positively identify most rootkits is from outside the operating system. You can no longer trust the OS once a rootkit has invaded.

As things currently stand, and as much as I respect the efforts of some mighty smart people who write anti-malware applications, if my computer were infected by a rootkit I would erase the hard disk and reinstall a clean disk image.

--- Leonard Grey
Errare humanum est
"A Day in the Life of a Web 2.0 Hacker" - PC Magazine http://www.pcmag.com/article2/0,2817,2330952,00.asp

Allan wrote:
"wjr" wrote in message ...
Is there anything we can do to prevent rootkits from getting installed? I am talking specifically ones like SecuROM which exists on some Sony music CDs and any number of EA games software. There isn't a specific EULA for SecuROM and uninstalling EA software doesn't remove the SecuROM rootkit.

It may help to be logged in as a Limited User and to use a reputable anti-virus program that is maintained with current definitions. Some AV programs include anti-rootkit scanning.

-- Allan
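
The point made in post #5, that a rootkit can only be positively identified from outside the operating system, is the basis of cross-view detection. The following is an added example, not part of the original thread: it compares a file listing taken from the running OS with one taken from clean boot media. Both listings, the file names and the function names are constructed for illustration.

```python
# Added example: cross-view comparison of two file listings (constructed data).
from ntpath import normpath, splitdrive

# Constructed listing as reported by the running OS: "size<TAB>path".
LIVE_VIEW = """\
4096\tC:\\Windows\\System32\\drivers\\disk.sys
8192\tC:\\Windows\\System32\\drivers\\ntfs.sys
1024\tC:\\Windows\\System32\\Config\\notes.txt
"""

# Constructed listing of the same volume read from clean boot media,
# where the volume is mounted under a different drive letter.
OFFLINE_VIEW = """\
4096\tD:\\WINDOWS\\system32\\drivers\\disk.sys
9000\tD:\\WINDOWS\\system32\\drivers\\ntfs.sys
2048\tD:\\WINDOWS\\system32\\drivers\\example_hidden.sys
"""

def parse_listing(text):
    """Return {normalized_path: size}; paths are drive-less and case-folded."""
    entries = {}
    for line in text.splitlines():
        if not line.strip():
            continue
        size, path = line.split("\t", 1)
        _, tail = splitdrive(normpath(path.strip()))
        entries[tail.casefold()] = int(size)
    return entries

def cross_view_diff(live_text, offline_text):
    """Compare what the running OS reports with what is actually on disk."""
    live, offline = parse_listing(live_text), parse_listing(offline_text)
    return {
        # On disk but not reported by the running OS: candidate hidden files.
        "hidden_from_os": sorted(offline.keys() - live.keys()),
        # Reported with a different size: the OS may be serving altered data.
        "size_mismatch": sorted(p for p in live.keys() & offline.keys()
                                if live[p] != offline[p]),
        # Only in the live view: usually files deleted between the two captures.
        "live_only": sorted(live.keys() - offline.keys()),
    }

if __name__ == "__main__":
    for kind, paths in cross_view_diff(LIVE_VIEW, OFFLINE_VIEW).items():
        print(kind, paths)
```

Entries under `hidden_from_os` are leads to inspect from the offline environment, not proof of infection on their own.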
#6
wjr wrote:
Is there anything we can do to prevent rootkits from getting installed? I am talking specifically ones like SecuROM which exists on some Sony music CDs and any number of EA games software. There isn't a specific EULA for SecuROM and uninstalling EA software doesn't remove the SecuROM rootkit.

Read here. http://www.diamondcs.com.au/processguard/

-- Mike Pawlak
#7
MAP wrote:
wjr wrote:
Is there anything we can do to prevent rootkits from getting installed? I am talking specifically ones like SecuROM which exists on some Sony music CDs and any number of EA games software. There isn't a specific EULA for SecuROM and uninstalling EA software doesn't remove the SecuROM rootkit.

Read here. http://www.diamondcs.com.au/processguard/

That HIPS product has *long* been dead and bypassable. Use something newer and supported.
#8
Allan wrote:
"wjr" wrote in message ...
Is there anything we can do to prevent rootkits from getting installed? I am talking specifically ones like SecuROM which exists on some Sony music CDs and any number of EA games software. There isn't a specific EULA for SecuROM and uninstalling EA software doesn't remove the SecuROM rootkit.

It may help to be logged in as a Limited User and to use a reputable anti-virus program that is maintained with current definitions. Some AV programs include anti-rootkit scanning.

Symantec has said they don't consider SecuROM to be malicious and won't do anything about it.
#9
Where I am annoyed is that Symantec won't do anything to consider this a malicious rootkit.

Leonard Grey wrote:
I owe the OP more than the simple 'no' I initially provided.

The thing about a rootkit is that it masquerades as part of the operating system. That makes it invisible to applications, which rely on the operating system. The operating system is lying to them.

Anti-malware software has learned some tricks from rootkits and can try to look for them. But the only way to positively identify most rootkits is from outside the operating system. You can no longer trust the OS once a rootkit has invaded.

As things currently stand, and as much as I respect the efforts of some mighty smart people who write anti-malware applications, if my computer were infected by a rootkit I would erase the hard disk and reinstall a clean disk image.

--- Leonard Grey
Errare humanum est
"A Day in the Life of a Web 2.0 Hacker" - PC Magazine http://www.pcmag.com/article2/0,2817,2330952,00.asp

Allan wrote:
"wjr" wrote in message ...
Is there anything we can do to prevent rootkits from getting installed? I am talking specifically ones like SecuROM which exists on some Sony music CDs and any number of EA games software. There isn't a specific EULA for SecuROM and uninstalling EA software doesn't remove the SecuROM rootkit.

It may help to be logged in as a Limited User and to use a reputable anti-virus program that is maintained with current definitions. Some AV programs include anti-rootkit scanning.

-- Allan