Windows Rootkits/Virus Issues.

Rootkits/Viruses require admin priv to install correct?
Even the ones that install as drivers?
--
esu lanoisseforp

Hello,

All traditional rootkits should need admin privileges to work, considering
that is their nature - to provide admin access to the intruder. Viruses,
however, and other malware can be installed as a standard user (if they are
designed correctly - I doubt many of the ones out today are), however their
effectiveness will be severely limited - they will only be able to
modify/delete data and settings that are tied specifically to your user
account (i.e. your photos, music, downloaded files, etc) and will be unable
to modify/delete files from other user accounts, system programs, system
settings, installed programs, etc.

Any malware installed as a standard user will be much less nasty and easier
to clean up.

Non-admin programs are not allowed to load drivers.


--
- JB
Microsoft MVP - Windows Shell/User

Windows Vista Support Faq
http://www.jimmah.com/vista/

Spot wrote:
> Rootkits/Viruses require admin priv to install correct?
> Even the ones that install as drivers?

Traditionally, yes. Past performance is no indication of future performance
however. In other words, running in a non-admin account is very very
important but it is not some super special magical bullet that means you
don't have to take basic precautions.

In any case, a hacker *might* need admin rights to take over your machine,
but they *don't* need admin rights to break your heart. Consider a script
that deletes the contents of your my documents folder (or wherever you keep
your files, you'll have given yourself rights to anywhere you store files),
or better still scans it and emails someone the contents of any text file
containing interesting keywords, using scripts to drive your normal email
program. No admin rights required, untold damage caused.

regards
rob