From: "Geo" 

This is a multi-part message in MIME format.

------=_NextPart_000_0068_01C6B755.0CDE8290
Content-Type: text/plain;
        charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable

Don't some of the rootkits use an API to hide themselves?

Geo.
  "Rich"  wrote in message news:44ce17e6$1{at}w3.nls.net...
     I don't know names but I would suspect all rootkits plus more.  =
Beyond that some bad software does, apparently including the crap sold = by
the company the sales and marketing guy shills for.

  Rich

    "Geo"  wrote in message =
news:44cd150c$1{at}w3.nls.net...
    What trojans or malware are known to modify the kernel or other =
kernel mode components?

    Geo.
      "Rich"  wrote in message news:44cac451$1{at}w3.nls.net...
         The sales and marketing guy being quoted is either an idiot or =
a liar.  The protection present in x64 systems protects against trojans =
and other bad code that attempt to modify the kernel or other kernel = mode
components.  Well behaved code that calls system APIs is not = affected in
any way.  What makes this guy an idiot or a liar is that = using the well
documented Windows API provides the means to remain = compatible.  Patching
and modifying random code or data in the kernel or = other components is
not portable or compatible from version to version.  = Even you, mike
miller, should be able to see this as you have whined in = the past when a
firewall you used or liked broke because it did stupid = stuff like this.

         As for making it easy for third parties to provide firewalls, =
Microsoft makes a significant effort to not only allow for this but it =
recently made it much easier with the Windows Filtering Platform =
(http://windowssdk.msdn.microsoft.com/en-us/library/ms758462.aspx).

      Rich


------=_NextPart_000_0068_01C6B755.0CDE8290
Content-Type: text/html;
        charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable








Don't some of the rootkits use an API =
to hide=20
themselves?
 
Geo.

  "Rich" <{at}> wrote in message news:44ce17e6$1{at}w3.nls.net...
     I don't
know names but I =
would=20
  suspect all rootkits plus more.  Beyond that some bad software =
does,=20
  apparently including the crap sold by the company the sales and =
marketing guy=20
  shills for.
   
  Rich
   
  

    "Geo" <georger{at}nls.net>=20">mailto:georger{at}nls.net">georger{at}nls.net>=20
    wrote in message news:44cd150c$1{at}w3.nls.net...
    What trojans or malware are known =
to modify the=20
    kernel or other kernel mode components?
     
    Geo.
    

      "Rich" <{at}> wrote in message news:44cac451$1{at}w3.nls.net...
         The
sales and =
marketing guy=20
      being quoted is either an idiot or a liar.  The protection =
present in=20
      x64 systems protects against trojans and other bad code that =
attempt to=20
      modify the kernel or other kernel mode components.  Well =
behaved code=20
      that calls system APIs is not affected in any way.  What =
makes this=20
      guy an idiot or a liar is that using the well documented Windows =
API=20
      provides the means to remain compatible.  Patching and =
modifying=20
      random code or data in the kernel or other components is not =
portable or=20
      compatible from version to version.  Even you, mike=20
      miller, should be able to see this as you have whined in the =
past=20
      when a firewall you used or liked broke because it did stupid =
stuff like=20
      this.
       
         As
for making it =
easy for third=20
      parties to provide firewalls, Microsoft makes a significant effort =
to not=20
      only allow for this but it recently made it much easier with the =
Windows=20
      Filtering Platform (http://windowssdk.msdn.microsoft.com/en-us/library/ms758462.aspx"=
>).http://windowssdk.msdn.microsoft.com/en-us/library/ms758462.aspx).=
FONT>
       
      Rich
       
       

------=_NextPart_000_0068_01C6B755.0CDE8290--

--- BBBS/NT v4.01 Flag-5