11-06-2005, 05:00 PM
Hairy One Kenobi
Re: Privacy.LIE scamming you again!

"traveler" <noreply@nym.alias.net> wrote in message
news:bhvuky9l4za6.1mwfsv6cvo6xz.dlg@40tude.net...
> On Sun, 06 Nov 2005 09:37:39 GMT, Hairy One Kenobi wrote:
> > "traveler" <noreply@nym.alias.net> wrote in message
> > news:tb5rm1duccaseg2q4iecmndgr10dii7a7m@4ax.com...
> >> On Sat, 5 Nov 2005 17:56:18 +1300, "Max Burke" <mlvburke@xxxxxxxxx.nz>


<snippage warning>

> > If *I* were ever to locate a rootkit on one of my PCs, then the first stop
> > would be my AV provider.. after all, removing nasties is what I pay them
> > for. And what they do for a living.



> The reason anti-virus products don't catch it is because it's not a virus,
> or a trojan. It's software of sorts designed to hide something like a
> trojan. Windows removal tool and even the best virus/trojan scanner
> wouldn't find it, you need a specialized product like the F-Secure to
> detect it, and just as important to SAFELY remove it without any hassles,


I don't recall saying that AV products don't catch this; instead I have a
vague recollection of saying the exact opposite ;o)

Assuming that this software doesn't install via Voodoo (not the graphics
card), then one can catch it.

I even went as far as checking MS's site to make sure that I wasn't
misremembering. As I said, no idea as to the relative effectiveness of
whichever snake^H^H^Hsoftware you're peddling/advocating.

But. I doubt that it involves requiring Harry Potter as sysadmin - software
is software[1], no matter what the intent. It's no easier or more difficult
to detect sol.exe than leet-root-kitzzz!1!!1.exe (I'm possibly cheating a
little, in that this particular example formed part of the standard
Unicenter demo, back in '97. Forget the automated trouble-tickets,
supervisor email, removal, and reboot: the flashing red light was [cough]
kewl)

Point taken about "progressive" kits that replace multiple files. Sounds
like a damned stupid idea, though, as it's more likely to be detected IMHO.

H1K

[1] Originally misytped that as "siftware". Have I invented a new software
term..? Shame I'm not American - I'd rush out to patent it.. :oD


