Un rootkit è un codice maligno che si può installare, per vari motivi, sui nostri PC e ne prende il controllo.
Tra i più insidiosi si possono classificare quelli che si installano sul Master Boot Record. Facendo qualche passo indietro nella storia dei PC, qualcuno ricorderà Brain, che fu il primo virus per IBM-PC documentato. Brain era un boot sector virus con tecnolog
A root kit is an application (s) that enables remote access (illegal and administrative level) to a computer without the knowledge of the user. Because of its hidden nature, a rootkit is very difficult to find out and remove by using an anti-virus program.GMER is an excellent and efficient free program to detect and remove any rootkit that are hidden on your computer. However you are required litt
"A far bigger danger to your Linux system then viruses are rootkits. Most of them will be stopped entering your system by a decent firewall, but still a regular check is strongly recommended."
Brunolinux.com
Los señores de UG North acaban de liberar una nueva versión del ya bien conocido Rootkit Unhooker, en esta entrega se han agregado algunas cuantas cosas, aunque sigue siendo LE o Lite Edition (Edición Ligera). Después de mucho tiempo de inactividad, EP se ha dado el tiempo para sacar a la luz esta nueva versión, que hay que decir solo se invirtieron 3 horas y media para todo lo que se hizo.Es
Erano gli inzi degli anni 90 quando mi trovai a litigare molto spesso con questa tipologia di virus.
Si propagavano con i floppy disk, a quell’epoca non c’era molto altro per passarsi i dati o i programmi, ed il meccanisco era assai semplice:
Free PS3?? Click Image Below...McAfee Rootkit Detective is a program designed and developed by McAfee Avert Labs to proactively detect and clean rootkits that are running on the system.Features of McAfee Rootkit Detective 1.0:Following are the features of this program that are designed to proactively detect and clean rootkits from the system. This program is not dependent on any signatures and can
Hidden Process è un programma per la sicurezza del vostro pc, grazie al quale possiamo identificare processi malevoli , rootkit e virus che si nascondono tra i vostri processi del computer.
Esso funziona solo per Windows Xp SP2.
il programma controllerà con un tempo deciso da voi ogni singolo processo avviato nel vostro personal computer.
Il programma appena [...]
Hidden Process è un programma per la sicurezza del vostro pc, grazie al suddetto possiamo identificare processi malevoli , rootkit e virus che si nascondono tra i vostri processi del computer.
Il funzionamento del programma è molto semplice basta avviarlo , andare nel menù e cliccare su start , dopo il click il programma controllerà con [...]
Linux Lkm Rootkit for 2.6.x Kernels
IntoXonia - LKM rootkit for Linux Kernel 2.6.x
==============================================
1. History
———-
I have released first version of IntoXonia in 2005. There were different replies.
Rootkit was incompatible with 64-bit architecture because algorythm of searching the system
call table address didn’t work fine Also I’ve found a bug in getting full path to file.
In this version I have fixed known bugs and added new features (look ChangeLog). Method of
rootkit configuration IMHO changed in a best way. It is realised by fake binary file
but all the options are cathegorized.
Today, 05/28/2006 - is date of release of IntoXonia-ng LKM rootkit.
2. Possibilities
—————-
(*) hiding files &
Virus writing becomes a new sport for the Beijing games
Malware writers have passed the baton in the race to take advantage of the Olympics with the second attempt to load malware onto PCs in a week.…
Read more…
Windows Live OneCare is right on track to getting an anti-rootkit upgrade. Microsoft plans to added rootkit detection capabilities to its line of security products, but not only OneCare will be impacted by the change. The Forefront line of enterprise security solutions will also feature the added rootkit detection capabilities. The new anti-rootkit features come courtesy of security company
Removing rootkits without compromising system integrity is particularly challenging and needs to be done with care. Sophos Anti-Rootkit will find and remove any rootkit that is hidden on your computer. The term rootkit is used to define a Trojan (or technology) used to hide the presence of a malicious object (process, file, registry key, network port) from the computer user or administrator. Here are some key features of "Sophos Anti Rootkit": · Scans running processes, windows registry and local hard drives for rootkits. · Identifies known rootkits and selects, by default, files for removal which will remove the rootkit component of the malware without compromising OS integrity. · Allows users to remove unidentified hidden files, but does no
Rootkit Hunter
Description:
Rootkit scanner is scanning tool to ensure you for about 99.9%* you're clean of nasty tools. This tool scans for rootkits, backdoors and local exploits by running tests like:
- MD5 hash compare
- Look for default files used by rootkits
- Wrong file permissions for binaries
- Look for suspected strings in LKM and KLD modules
- Look for hidden files
- Optional scan within plaintext and binary files read more »
RootkitRevealer is an advanced rootkit detection utility. It runs on Windows NT 4 and higher and its output lists Registry and file system API discrepancies that may indicate the presence of a user-mode or kernel-mode rootkit. RootkitRevealer successfully detects all persistent rootkits published at www.rootkit.com, including AFX, Vanquish and HackerDefender (note: RootkitRevealer is not intended to detect rootkits like Fu that don't attempt to hide their files or registry keys). If you use it to identify the presence of a rootkit please let us know! The reason that there is no longer a command-line version is that malware authors have started targetting RootkitRevealer's scan by using its executable name. We've therefore updated RootkitRevealer to execute its scan from a randomly named copy of itself that runs as a Windows service. This type of execution is not conducive to a command-line interface. Note that you can use command-line options to execute an automatic scan with res
La compañía de seguridad informática F-Secure escribe en su blog que las memorias flash USM-F de Sony, con lector incorporado de huellas digitales instalan una carpeta oculta en el disco duro del usario.La carpeta en cuestión contiene archivos que gestionan la autenticación del reconocimiento de huellas digitales, pero que también puede ser usado para almacenar y ejecutar código maligno.“Si Sony sólo ocultara sus propios archivos, nadie protestaría. Sin embargo, el sistema también puede ser usado para ocultar malware", declara el investigador jefe de F-Secure, Mikko Hypponen.Peligros ocultosUn “rootkit" es una herramienta que permite incrustar código de todo tipo en las profundidades del sistema operativo. El propósito es ocultar ante el usuario la existencia de una serie de archivos y programas (en este caso, los archivos que impiden la reproducción no autorizada y copia del CD).Un rootkit en sí no es perjudicial, pero a menudo es usado para ocultar malware en máqui
McAfee Rootkit Detective is a program designed and developed by McAfee Avert Labs to proactively detect and clean rootkits that are running on the system.
Features of McAfee Rootkit Detective 1.0 :
Following are the features of this program that are designed to proactively detect and clean rootkits from the system. This program is not dependent on any signatures and can proactively detect most
McAfee Rootkit Detective 1.0Antivirus ini gak perlu di instal cukup disimpan di flashdisk anda, fungsinya hanya sebagai scan & clean saja. Yah mirip2 PCmav (yang sudah gak mampu nanganin virus dengan maksimal) gitu deh. Tapi yg ini lebih handal ketimbang PCmav. Try it & feel it! McAfee Rootkit Detective 1.01,5 MB | RS.com | RAR | English McAfee Rootkit Detective is a program designed and developed by McAfee Avert Labs to proactively detect and clean rootkits that are running on the system. Features of McAfee Rootkit Detective 1.0 :Following are the features of this program that are designed to proactively detect and clean rootkits from the system. This program is not dependent on any signatures and can proactively detect most of the existing and upcoming rootkits and allow the user to clean them.· Designed to proactively detect the system objects like processes, files and registry that are hidden to the user.· Provides information about all running processes in the
Slight disagreement to the tune of $412,000
The public feud over the effectiveness of a proof-of-concept rootkit said to be completely undetectable continued on Thursday, as a researcher once again challenged those claims.…
Read more…
agregado: listado y desganchado de Shadow SSDTagregado: nuevo dialogo de acerca ;)el sistema de actualización es ahora completamente configurable.remivido: el banneo a GMER y el banneo a los debuggers de modo kernelMixelandia
Sophos Anti-Rootkit is a tool that can be used to discover and remove any rootkit that may reside in a computers running processes, registry or on a local hard drive. A rootkit also known as (Root Kit) is basically a set of tools that are used to conceal a malicious program from the computer [...]
Hoy les traigo otro exploit el cual tiene que ver con Rootkit Revealer, es una traducción directa del texto publicado por EP_X0FF en los foros de sysinternals aquínota:Solamente usenlo si realmnente saben lo que hacen...Rootkit Revelaler (RKR) es un detector de Rookits muy conocido el cual es usado para revelar algunos rootkits de modo usuario así como algunas cuantas cosas del modo kernel. Puede detectar archivos ocultos haciendo lecturas de modo RAW y usando su propio parser para el sistema de archivos. Puede detectar entradas ocultas en el registro volcando directamente desde el disco por medio de un driver y la función ZwSaveKey y utilizando su propio parser para esto. Existen varias maneras de sobrepasar completamente a RKR, pero el detector mismo puede ayudarte a sobrepasarlo. Esta vulnerabilidad esta presente en todas las versiones de RKR inclusive en las más antiguas versiones de línea de comando. El objetivo principal del exploit es usar restricciones del si
A rootkit is a program that can hide processes, programs and files from the operating system. A malicious rootkit may contain spyware / malware / trojan that can log keystrokes, steal data etc.
It may also create a backdoor in your system so that the creator can take control of your computer and turn it into a 'zombie'. Thousands of 'zombies' can be controlled to form a botnet and used in a
Soporte completo Vista 32bit build 6000Se agrego un nuevo método de detección de procesos ocultosLa tecnología del Stealth Walker fue mejorada dramáticamente, ahora puede revelar mas rootkits.Nueva Página – Detector de Código Oculto, la cual te mostrara casi todo el código que se está ejecutando en el modo kernel.El Detector de Código Oculto esta soportado por algunos métodos de detección basados en phide_ex / Rustock y la tecnología de UnrealEl modulo de soporte para NTFS ha sido reescrito para eliminar algunos viejos erroresVX contien código especial para sobrepasar la nueva evolución de los toyanos que utilizan ganchos en la SSDTLa detección de Ganchos inline fue mejorada.Fecha preliminar de liberación: verano del 2007Mixelandia
AVG Anti-Rootkit is a powerful tool with state-of-the-art technology for detection and removal of rootkits. Rootkits are used to hide the presence of a malicious object like trojans or keyloggers on your computer. If a threat uses rootkit technology to hide itself it is very hard to find the malware on your PC. AVG Anti-Rootkit gives you the power to find and delete the rootkit and to uncover the threat the rootkit is hiding.Download here Source:grisoft
La nueva versión de RKU ha sido liberada. Cualquier reporte de bug / logs mandarlos a rkunhooker @ inbox.ru o pegarlos aqui como comentarioversion 3.31 build 150/420 (07.04.2007)corregido: Bug en las Rutinas de Notificación y en el Detector de Ganchos de Codigo, gracias a FlowerCodecorregido:Bug en la identificación de driversactualizado: ILHA para sobrepasar algunos rootkits de modo usuario con patch-protectionagregado: sobrepasar el candado que algunos rootkits ponen en archivos del sistemaagregado: Soporte completo UNC para el escaneo de archivos / Operaciones (deberia de eliminar algunos bugs antiguos)Descargashttp://rkunhooker1.narod.ru/rkunhook...31.150.420.rarhttp://rku.nm.ru/rkunhooker_v3/RkU3.31.150.420.rarlocal desde MixelandiaMD5 1fc261be43d1119b4f627b18578759b3 *RkU3.31.150.420.exeMixelandia
Desde hacia un tiempo la página principal del Rootkit Unhooker habia sido http://rku.xell.rusin embargo desde el dia de ayer o hoy no estoy muy seguro la página ha vuelto a sus raices, es decir al hosting gratuito de narod.ru, asi que desde hoy la pagina oficial cambia a http://rkunhooker1.narod.rulo malo es que ya no hay foro de discucion, con lo cual se quita el soporte que se estaba dando :(pero en fin si alguien tiene alguna duda no dude en dejar un comentario o enviar un correo ;)Mixelandia
El sitio de rootkit unhooker esta caido y por lo tanto aki les va el link para descargarlo es la version mas resientethe rootkit unhooker site is down, so here is the link to download the last releasedownloadpor cierto soy el traductor al español, así que aquí les dejo la traducción de la interfazinterfaz en españolMixelandia
Several Apple TV modders are complaining that their enhancements to Apple TV such as adding VNC and SSH are being disabled over night. As some of my readers may recall, I wrote “Apple TV might obsolete the x86 appliance market” two months ago with some high hopes for it. I’m also hearing rumors [...]
Forget what Microsoft says about Vista being the most secure version of Windows yet. More to the point, what do the hackers think of it? In a nutshell, they think it’s an improvement, but at the end of the day, it’s just like everything else they dissect—that is, breakable. “Not all bugs are [...]
