View Full Version : Root Kit or Rootkit


Rapier
11-04-2010, 01:01 PM
Root Kit

If you are like me you have no idea what that is. Well now you will find out.

If you have not heard yet, you will soon hear of this real problem. A not so bad Root Kit was developed in 2006 that was not very destructive and could be found pretty easily on a computer. Several weeks ago someone took the little monster and turned it into, as my IT folks told me yesterday, the “worst of the worst, of the worst of the worst.” It is now popping up everywhere.

What this beauty does is invade your computer, going right through any security system. It went through my Norton Corporate like it wasn’t there at all. Then once it installs, it allows the originator to control your computer as if they were sitting at your desk. They can read everything, copy anything, print anything and do business as you on your computer or theirs. Anything you can do on your computer can be done by them and they can just simply take over your computer identity. Change your passwords? They can watch you type and copy the new data as fast as you type. Your computer can become a Zombie computer sending the same infection, the root kit, to every person you have in your address book, etc.

The program cloaks itself and is not shown by most any anti virus software. It will kill many root kit destroyers and even is known to clean a thumb drive of anti or infection killer software!

If you start getting “out of resources” type error messages or if you bring up Task Manager (Ctrl, Alt, Del) and see programs running when nothing should be running, call your IT folks, right now.

Our IT folks are now seeing a half dozen of these infections a week and the big corporations are just formatting hard drives when they find a root kit on a machine. Yes it is that serious.

They mostly come from clicking on an infected site or in a “Hey look at this” type message. You click on the extension and you just lost your computer. The worst sites are social places like Facebook.

Google Root Kit and read what is there. What they do not talk about is the Valorian Root Kit, the one that has been redone or rebuilt into a very bad, nasty, sucker. TDSSKiller and ComboFix can sometimes be used to kill the root kits or to at least find them. The way they find the Root Kit is when they just quit running; if the kill program keeps dying, call your IT guys now. You might have to have your HD removed and installed on a secure box, as a secondary HD, so that the killer software can attack the root kit without it being able to run its defenses. That is what we had to do with one of our workstations yesterday.
Ed