From: David H. Lipman on
From: "FromTheRafters" <erratic(a)nomail.afraid.org>

| "~BD~" <BoaterDave(a)hotmail.co.ukk> wrote in message
| news:etmdnSAlabunKkTWnZ2dnUVZ8qednZ2d(a)bt.com...
>> OK - I'm convinced at last. :)

>> Mbam *is* a 100% safe application!
>> **********************************

>> See post number 3 - here:-

>> http://forum.kaspersky.com/index.php?showtopic=141724&hl=Malwarebytes

| It must be a very simple application indeed to be 100% safe.

| I would say that the programmers are probably 100% well intentioned.

| (is McAfee 100% safe?)



I truly think that logic would be above his capability.

--
Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp


From: FromTheRafters on
"David H. Lipman" <DLipman~nospam~@Verizon.Net> wrote in message
news:hrdbnh0a6n(a)news6.newsguy.com...
> From: "FromTheRafters" <erratic(a)nomail.afraid.org>
>
> | "~BD~" <BoaterDave(a)hotmail.co.ukk> wrote in message
> | news:etmdnSAlabunKkTWnZ2dnUVZ8qednZ2d(a)bt.com...
>>> OK - I'm convinced at last. :)
>
>>> Mbam *is* a 100% safe application!
>>> **********************************
>
>>> See post number 3 - here:-
>
>>> http://forum.kaspersky.com/index.php?showtopic=141724&hl=Malwarebytes
>
> | It must be a very simple application indeed to be 100% safe.
>
> | I would say that the programmers are probably 100% well intentioned.
>
> | (is McAfee 100% safe?)
>
>
>
> I truly think that logic would be above his capability.

Maybe, but I believe he is not stupid - just annoying as all hell. :oD

Even well intentioned programmers can introduce unsafe implementations
of ... say ... decompression algorithms, into a scanner, making zip
files or rar files into DoS trojans or worse. It has been seen before as
you know.

That 100% gets tossed around so much that one would think that it is the
"new math" that makes 100 the same as less than 100. :o)
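
Added example, not part of the thread: the decompression risk raised in the post above, seen from the scanner author's side. This sketch streams ZIP members under an expansion budget rather than trusting the sizes the archive declares; the limits and the names scan_zip, make_zip and ArchiveLimitExceeded are assumptions chosen for illustration.

```python
import io
import zipfile

MAX_TOTAL = 1 * 1024 * 1024   # assumed budget: 1 MiB expanded per archive
MAX_RATIO = 100               # assumed ceiling on expanded/compressed per member
CHUNK = 64 * 1024


class ArchiveLimitExceeded(Exception):
    pass


def scan_zip(data, inspect=lambda name, chunk: None):
    """Stream each member through inspect() while enforcing expansion limits.

    Sizes are counted from the bytes actually produced, not from the
    file_size header field, which the archive's author controls.
    Returns the total number of expanded bytes inspected.
    """
    total = 0
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for info in zf.infolist():
            if info.is_dir():
                continue
            produced = 0
            with zf.open(info) as member:
                while True:
                    chunk = member.read(CHUNK)
                    if not chunk:
                        break
                    produced += len(chunk)
                    total += len(chunk)
                    if total > MAX_TOTAL:
                        raise ArchiveLimitExceeded(info.filename + ": total budget")
                    if produced > MAX_RATIO * max(info.compress_size, 1):
                        raise ArchiveLimitExceeded(info.filename + ": ratio")
                    inspect(info.filename, chunk)
    return total


def make_zip(members):
    """Build a constructed sample archive in memory (name -> bytes)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        for name, payload in members.items():
            zf.writestr(name, payload)
    return buf.getvalue()
```

Nested archives are not unpacked here; a scanner that recurses into them needs the same budget carried across levels plus a depth limit.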


From: ~BD~ on
FromTheRafters wrote:

>
> Maybe, but I believe he is not stupid

That's good to know! :)

> - just annoying as all hell. :oD

Name two things which I do which you find annoying - if necessary,
please explain why so. I *may* change what I do!

Now .......

Here's an item for you to get your teeth into, FTR!

It's an extract from a thread I once started here:-

http://forum.kaspersky.com/index.php?showtopic=50275&st=40

(this is post No 46)

**


Performing a standard Disk Format and Reinstall of the Operating System
will render common infections incompatible, but not all Rootkits and their
accompanying payload of malware..... Rootkits work from outside the
Operating System and can hide in Bad Sectors of the Hard Disk thus have
places to hide on the Hard Disk that are essentially outside the
Operating Systems environment, untouchable by it, yet still at hand.

Most wiping, erasing, formatting, and partitioning tools will not
overwrite logical bad sectors on the Disk, leaving the Rootkits and
their accompanying payload of malware behind and still active.

Rootkits in themselves are not a threat.....the danger is that Rootkits
have the invincible power of Stealth.....Malicious Programmers can hide
their malware safely inside the protection of the Rootkit.

Rootkits reside in the Root of things, thus the name 'Root' that serves
as a protective container for the accompanying payload of malware, or
on the bright side, the accompanying payload of Software Code with
productive, safe intentions, together they are a 'KIT'.....thus the name
'ROOTKIT'.....and Rootkits are not a joke.

Once the Computer is compromised by a Rootkit with its accompanying
payload of malware, all files in the System cannot be trusted and are
likely infected..... this includes all the System files, Software,
backups, removable disks, and restore points..... Rootkits can not only
hide themselves in Bad Sectors of Hard Disks, they can also hide
themselves in the Boot Sectors of Hard Disks, CD/DVD, and Floppy
Disks..... Rootkits can also hide in the Firmware of Hardware
Components, in the BIOS, Motherboard, Video-card EEPROM or Alternate
Data Streams.....

Rootkits hide their processes, files, and folders by using sophisticated
hooking and filtering techniques. As a result, traditional methods of
viewing the system state typically return no indication of foul
play.....the Rootkit makes sure of that.

When a Rootkit is cloaked, system utilities such as Task Manager,
Regedit, will not be able to expose the processes and Registry data that
should betray the presence of the Rootkit. The lurking Rootkit files
will not be viewable in Windows Explorer or even via the command
line.....The Rootkit needs to be uncloaked, in return the
Malware Components it was hiding become uncloaked as well.....

Removing a Rootkit is a two-step process:

1). Uncloaking and removing the Rootkit.....this step involves using
special Software tools that can find the Rootkit and remove it.

2). Removing the malware payload associated with the Rootkit.....this
step normally uses conventional security programs such as Anti-Virus,
Anti-Trojan, and Anti-Spyware scanners. This step may also involve
manual deletion of some stubborn Rootkit components.

Some helpful tools to help detect and remove Rootkits are:
RootkitRevealer by Microsoft, Rootkit_Detective by McAfee, BlackLight by
F-Secure, UnHackMe by Greatis, AVG Anti-rootkit by Grisoft to name a
few.....

-drdos

*************

I'd be most interested to discuss these comments of drdos further - you
will note that the thread was closed by the moderator shortly after we
reached this stage!

In particular, do you agree that "Rootkits can also hide in the Firmware
of Hardware Components, in the BIOS, Motherboard, Video-card EEPROM or
Alternate Data Streams....." ?

Like Dustin Cook, I've always been a 'detail' person too! <vbg>

--
Dave

From: David H. Lipman on
From: "~BD~" <BoaterDave(a)hot.mail.co.uk>

FUD post !

There is NO malware that infects are resides within the; BIOS, Motherboard or Video-card
EEPROM.


--
Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp


From: David H. Lipman on
From: "David H. Lipman" <DLipman~nospam~@Verizon.Net>

| From: "~BD~" <BoaterDave(a)hot.mail.co.uk>

| FUD post !

| There is NO malware that infects are resides within the; BIOS, Motherboard or
| Video-card
| EEPROM.


That should have been...
"...that infects or resides within..."



--
Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp