If someone has SYSTEM rights to my PC remotely security question
Hi. If someone has full SYSTEM rights remotely to my Windows, that person can do whatever he likes and no antivirus or software will ever find out, right? Let's say that this person is spying on me. If I change group policy to secure myself as well as I can with over 20 group policy edits from STIG security, and then a lot from STIG in secpol, and then have Malwarebytes, Norton 360 and Windows Defender, would that do anything at all to the person that has remote access to my PC from the network or through my mouse or keyboard USB receivers? Will he be able to do whatever he wants unnoticed until I see changes to my security that I have secured that are now suddenly reverted?
Or that he can basically format my whole non-OS drives with a click of a button whenever he likes? Let's say this person had physical access to my PC at some point and installed a deep-rooted rootkit in my motherboard or any other component or in my hard drives, and if I don't secure erase all of them it persists and then spreads to all HDDs every time I use them or do a clean installation of Windows. For example, is a rootkit in HDD that has a hidden partition with files in it that the rootkit works in? Would this mean I would basically need to buy a whole new PC and never use any parts I ever used with my old PC with the new one, like any USB I ever used or HDD? Does RAM count?
The only way to get rid of it is by not using any of it again? I guess with a new PC, they can't reinstall this without having physical access to my PC again? Or am I in danger just using my router? Let's say the hacker is my neighbor, would using my router be a risk, that he can use to transfer the rootkit again? And would that rootkit be caught by my security in Windows before damage is done, vs if he has physical access to my PC?
"Removal can be complicated or practically impossible, especially in cases where the rootkit resides in the kernel; reinstallation of the operating system may be the only available solution to the problem. When dealing with firmware rootkits, removal may require hardware replacement, or specialized equipment."