What is a Rootkit and how do you know if you are infected with a Rootkit?

| June 3, 2011 | 2 Comments

People today are rightfully fearful of computer viruses, since they are aware of the damage they can do. There are also computer worms, nasty programs designed to spread out and infect other computers.

On the other hand, we have a very different and devious virus, which we now know as the Rootkit. It is in fact not even a virus at all, but rather code that hides deep inside your system and allows hackers to gain control over your PC. What makes it different is that it is not destructive in nature like viruses and it does not spread like worms.

So what does a Rootkit do?

The main objective of a Rootkit is to give a remote user administrative powers over your system across a network, so that they gain access to your private data and system files. With a rootkit on your system, these users can basically do whatever they want with your PC. Rootkits therefore pose a serious threat.

Unlike an average computer virus, a Rootkit can go much deeper into the system. It becomes harder to remove them because they can also infect the BIOS of the system, which is independent of the OS. Rootkits are not even operating-system specific, so Apple or Linux systems could be infected by them too.

So how might you get infected with a Rootkit?

You might install software that you thought was trustworthy but that in fact contained a rootkit.

Shared disks and drives containing rootkits can also infect your system, much like the technique used for standard viral infections. Since rootkits have a silent nature, they are not easily spotted with either of these techniques.

How do you know if you are infected with a Rootkit?

If your system is infected with a Rootkit, it might lose its reliability and display strange behavior. Your system’s antivirus might suddenly have become disabled, you might frequently get blue screens, and the system might regularly reboot and crash. Unless these problems are being caused by the lack of appropriate drivers, legitimate software or Windows updates, your system is most probably infected with a Rootkit.

HijackThis, WinPFind and Silent Runners are some of the free software programs which can be used to detect a Rootkit. To look for rootkits in your system, you can even use Microsoft’s Malicious Software Removal Tool.

Perform a virus scan after starting your computer in safe mode. Certain rootkits become visible to antivirus software because they are not able to run in safe mode, so you can easily detect and remove them this way.

To search for rootkits in your system, use the combined efforts of trustworthy spyware and malware detection programs. Sooner or later, a Rootkit might get detected by one of them. If this fails, you have the option of detecting strange activity on your computer network by using a personal firewall or a network analyzer.

Since rootkits can be really tricky to detect and finally remove, if all else fails, buying a Rootkit detector should definitely work in removing this nasty virus.
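One way to act on the network-analyzer suggestion above, as an added example that is not part of the original article: compare the connections the suspect PC reports about itself with the flows a capture taken outside that PC recorded, and list any flow that is on the wire but missing from the PC's own listing. The netstat-style text, the flow tuples, the addresses and all function names are constructed for illustration.

```python
import re

# Constructed sample: what `netstat -ano` printed on the suspect PC (host view).
HOST_NETSTAT = """\
  Proto  Local Address          Foreign Address        State           PID
  TCP    192.168.1.20:49712     198.51.100.10:443      ESTABLISHED     4312
  TCP    192.168.1.20:49730     192.168.1.1:53         TIME_WAIT       0
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       892
"""

# Constructed sample: flows a capture on the router or another machine saw
# for this PC, as (local_ip, local_port, remote_ip, remote_port).
WIRE_FLOWS = [
    ("192.168.1.20", 49712, "198.51.100.10", 443),
    ("192.168.1.20", 49730, "192.168.1.1", 53),
    ("192.168.1.20", 49801, "203.0.113.77", 8080),  # absent from host view
]

# One TCP row: local addr:port, foreign addr:port, state.
ROW = re.compile(r"^\s*TCP\s+(\S+):(\d+)\s+(\S+):(\d+)\s+(\S+)")


def parse_netstat(text):
    """Return the set of TCP 4-tuples the host itself admits to."""
    conns = set()
    for line in text.splitlines():
        m = ROW.match(line)
        if m and m.group(5) != "LISTENING":  # listeners have no remote peer
            lip, lport, rip, rport, _state = m.groups()
            conns.add((lip, int(lport), rip, int(rport)))
    return conns


def hidden_flows(host_text, wire_flows):
    """Flows seen on the wire that the host's own listing does not show."""
    host_view = parse_netstat(host_text)
    return sorted(f for f in wire_flows if f not in host_view)


if __name__ == "__main__":
    for lip, lport, rip, rport in hidden_flows(HOST_NETSTAT, WIRE_FLOWS):
        print(f"unlisted flow: {lip}:{lport} -> {rip}:{rport}")
```

A mismatch is a lead, not proof: a short-lived connection can open and close between the host snapshot and the capture, so take both at the same time and repeat the comparison before drawing conclusions.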


About the Author 

I'm the founder of the site. I'm a tech enthusiast and love to follow the latest social trends. Computer information site is where I write about computer tips, technology and gadget news, SEO, internet marketing and tutorials. When I'm not blogging I'm online playing World of Warcraft.
  • http://www.marvelousforums.com Red

    Very decent blog. I would also like to point out that most freeware anti-virus programs do include a rootkit scan. I have even seen rootkit scanners not included in shareware versions too. So, you really need to research the features of an anti-virus before buying it.

    Good luck

    • Samuel King

      Thanks very much for the contribution, well worth it :)