By Tyler Scott

Outline
- What is a Rootkit
- What Rootkits do
- The Types of Rootkits
- How to remove Rootkits

What is a Rootkit
- Set of tools (software) that enable continued privileged access to a computer
- Hides its presence from administrators by circumventing standard operating system functionality or other applications
- Modern rootkits do not elevate access; they make the payload undetectable by adding stealth capabilities

What Rootkits do
Malicious side effects
- Provide an attacker with a backdoor
- Conceal other malware (key loggers, computer viruses)
- Create zombie machines
- Digital rights management (DRM/Sony)
Intended side effects
- Conceal cheating in online games
- Detect attacks
- Anti-theft protection, e.g. LoJack software (BIOS-based rootkit)
- Bypassing Microsoft Product Activation

The Types of Rootkits
- User-Mode
- Kernel-Mode
- Bootkits
- Hardware/Firmware

User-Mode
- Limited access
- Infects user-level processes
- Hooks or overwrites a running process's memory to alter the way the program acts

Kernel-Mode
- Full access to the machine
- Infects kernel-level processes: kernel code, drivers, etc.
- Alters the way the operating system and all processes act

Bootkits
- Infects the Master Boot Record (MBR)
- Executed before the operating system boots: starts after the BIOS selects the boot device
- Hard to detect: files reside outside of the standard file systems
- Persists through the transition to kernel mode
- Runs in Normal Mode and Safe Mode

Hardware/Firmware
- Persistent malware images created in hardware: network card, hard drive, BIOS
- Hard to detect because firmware/hardware is not normally scanned for infection
Examples
- 2008: rootkits intercepted and transmitted credit card information via mobile phone networks in Europe
- 2009: a BIOS-level Windows rootkit was able to survive disk replacement and operating system re-installation
- Rootkits CompuTrace and LoJack preinstalled in the BIOS of laptops are used to trace the location of stolen laptops

How to remove Rootkits
- Removal is generally very hard
- Flashing the BIOS
- Format the hard drive
- Installing a clean version of the OS
- ComboFix / Kaspersky TDSSKiller

Sources
http://searchmidmarketsecurity.techtarget.com/definition/rootkit
http://en.wikipedia.org/wiki/Rootkit#Hypervisor_level
http://support.kaspersky.com/viruses/solutions?qid=208280748
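The bootkit slides say an MBR infection lives outside the file system and so is hard to detect; one practical defender-side check is to record a hash of the 440-byte boot-code region of a known-clean MBR and re-verify it later. The following is an added example, not part of the original slides or any tool they mention. It constructs a sample 512-byte MBR in memory (the boot code bytes, disk signature and partition entry are all made up for the demo), parses the partition table, and reports findings when the boot code no longer matches the baseline, when the 0x55AA signature is missing, or when the number of bootable partitions is not one. Only the boot-code region is hashed because the partition table and disk signature change for legitimate reasons.

```python
import hashlib
import struct

MBR_SIZE = 512
BOOT_CODE_LEN = 440            # boot code occupies bytes 0..439 in the classic MBR layout
PART_TABLE_OFFSET = 446        # four 16-byte partition entries start here
PART_ENTRY_LEN = 16
BOOT_SIGNATURE = b"\x55\xAA"   # bytes 510..511 of a valid MBR
PART_ENTRY_FMT = "<B3sB3sII"   # status, CHS start, type, CHS end, LBA start, sector count


def build_sample_mbr(boot_code: bytes) -> bytes:
    """Constructed sample MBR for the demo: boot code, disk signature, one partition, signature."""
    if len(boot_code) > BOOT_CODE_LEN:
        raise ValueError("boot code too long")
    mbr = bytearray(MBR_SIZE)
    mbr[:len(boot_code)] = boot_code
    mbr[440:444] = b"\x12\x34\x56\x78"  # constructed disk signature
    # One bootable (0x80) partition of type 0x07 starting at LBA 2048 with 204800 sectors
    entry = struct.pack(PART_ENTRY_FMT, 0x80, b"\x00\x00\x00", 0x07, b"\x00\x00\x00", 2048, 204800)
    mbr[PART_TABLE_OFFSET:PART_TABLE_OFFSET + PART_ENTRY_LEN] = entry
    mbr[510:512] = BOOT_SIGNATURE
    return bytes(mbr)


def parse_mbr(mbr: bytes) -> dict:
    """Return the boot-code hash, signature validity and non-empty partition entries."""
    if len(mbr) != MBR_SIZE:
        raise ValueError("MBR must be exactly 512 bytes")
    partitions = []
    for i in range(4):
        off = PART_TABLE_OFFSET + i * PART_ENTRY_LEN
        status, _chs_start, ptype, _chs_end, lba_start, sectors = struct.unpack(
            PART_ENTRY_FMT, mbr[off:off + PART_ENTRY_LEN])
        if ptype == 0:  # empty entry
            continue
        partitions.append({"index": i, "bootable": status == 0x80, "type": ptype,
                           "lba_start": lba_start, "sectors": sectors})
    return {
        "valid_signature": mbr[510:512] == BOOT_SIGNATURE,
        "boot_code_sha256": hashlib.sha256(mbr[:BOOT_CODE_LEN]).hexdigest(),
        "partitions": partitions,
    }


def check_mbr(mbr: bytes, baseline_boot_code_sha256: str) -> list:
    """Compare an MBR against a recorded baseline; an empty list means nothing suspicious."""
    info = parse_mbr(mbr)
    findings = []
    if not info["valid_signature"]:
        findings.append("missing 0x55AA boot signature")
    if info["boot_code_sha256"] != baseline_boot_code_sha256:
        findings.append("boot code differs from recorded baseline")
    bootable = [p for p in info["partitions"] if p["bootable"]]
    if len(bootable) != 1:
        findings.append(f"expected exactly one bootable partition, found {len(bootable)}")
    return findings


def read_mbr(device_path: str) -> bytes:
    """Read the first sector of a raw device (e.g. /dev/sda); needs elevated privileges and is not run here."""
    with open(device_path, "rb") as f:
        return f.read(MBR_SIZE)


# Constructed stand-in for clean boot code (not real boot code) and the baseline derived from it
CLEAN_BOOT_CODE = b"\xFA\x33\xC0\x8E\xD0\xBC\x00\x7C" + b"\x90" * 24
BASELINE_MBR = build_sample_mbr(CLEAN_BOOT_CODE)
BASELINE_HASH = parse_mbr(BASELINE_MBR)["boot_code_sha256"]


def tampered_mbr() -> bytes:
    """Constructed 'infected' copy: first instruction replaced by a short jump, as boot-code patching would."""
    patched = bytearray(BASELINE_MBR)
    patched[0:2] = b"\xEB\x3E"
    return bytes(patched)


if __name__ == "__main__":
    print("clean   :", check_mbr(BASELINE_MBR, BASELINE_HASH))
    print("tampered:", check_mbr(tampered_mbr(), BASELINE_HASH))
```

The baseline must be captured while the machine is known clean, and the sector should be read from trusted boot media rather than from the running system, since a kernel-mode rootkit or bootkit that is already active can return a clean-looking copy of the sector to whatever reads it.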