J
JeffP
What does Microsoft AntiSpyware do to Prevent, Detect and
Remove a Root Kit.
Does MAS use the file system to choose which directories
to scan or does it use the win API layer?
My limited understanding is that root kits remove, cloak
their trojan or similar from the file system, therefore
they are not caught because "they don't exist".
These are replacement OS or lower level components whose
sole objective is to cloak to allow the virus or trojan to
do it's dirty work undetected.
Here's a link that I found useful.
http://www.windowsitpro.com/Article/ArticleID/45518/45518.h
tml?Ad=0
Any info would be appreciated.
FYI: Trendmicro free AS, found 69 suspects, (most were
adware) and MAS found none.
TIA
JeffP....
Remove a Root Kit.
Does MAS use the file system to choose which directories
to scan or does it use the win API layer?
My limited understanding is that root kits remove, cloak
their trojan or similar from the file system, therefore
they are not caught because "they don't exist".
These are replacement OS or lower level components whose
sole objective is to cloak to allow the virus or trojan to
do it's dirty work undetected.
Here's a link that I found useful.
http://www.windowsitpro.com/Article/ArticleID/45518/45518.h
tml?Ad=0
Any info would be appreciated.
FYI: Trendmicro free AS, found 69 suspects, (most were
adware) and MAS found none.
TIA
JeffP....