
All About Rootkits

Thursday, June 17th, 2010 by | Filed Under: Security Help
 


Keith from MA asks:

I have been seeing a lot about the dangers of “rootkits” around the internet. I went to your spyware terms page to find out what it is and it is not listed. Could you tell me what it is?

A:
My bad, I missed that one. I don’t know how I did, since it is one of the most dangerous threats out there! Here you go:

Rootkits are becoming more and more prevalent and are an incredible danger to desktop users. A rootkit (or root kit, it doesn’t matter how you spell it) is a set of tools that are programmed to install on a computer without a user’s knowledge and give the attacker full control over the system with administrator-level access.

But doesn’t all spyware install on a computer without the user’s knowledge? What’s different about a rootkit?

Let me delve into this a little bit deeper.

Yes, all spyware is installed without a user’s knowledge. Some are annoying, and some can mess with your computer pretty badly; however, with a bit of help from the forums and spyware removal software, most of the time you can get rid of it without doing a complete reinstall.

Not so with rootkits.

Rootkits are an incredibly dangerous form of malware. They do not discriminate when it comes to operating systems; Windows, Linux, Unix, and even Mac systems are vulnerable. Rootkits hide malware that installs a backdoor to allow an attacker to take full administrator rights and have complete access to the infected computer.

A rootkit takes over your entire system by masking itself as a legitimate file, network connection, registry entry, etc. Anti-virus and anti-spyware programs therefore do not detect it, because they think that the file is a genuine part of the operating system. Once the computer has been hacked, the attacker can mask the intrusion, not just into that computer, but into other computers on the network. Because of the intricate code that rootkits are built from, there is no guarantee that you will rid yourself of a rootkit; in addition, because of its stealth capabilities, removal will most likely damage your operating system. Those stealth capabilities are the scariest part: rootkits often hide other malware along with themselves (Can anyone say “Rootware”? I am not kidding.). Because rootkits do so much damage if left undetected, a new install of your operating system is practically inevitable.

Because rootkits have now become a pandemic issue, McAfee, Panda, Symantec, and other internet security manufacturers are now coming out with online scanning tools just for rootkits. There are also rootkit-removal software programs that have now come out with “Anti-Stealth technology”, which seems to be working.
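One common way to expose something that hides itself is a cross-view comparison: ask the system the same question two different ways and look at what only one answer contains. The following Python code is an added example, not code from this article or from any of the products it names; it assumes a Linux host with /proc, and the function names are made up for illustration. It compares the process IDs that the /proc directory listing shows with the process IDs that answer a direct null-signal probe.

```python
import os

def listed_pids(proc="/proc"):
    """View A: the PIDs that the directory listing of /proc admits to."""
    return {int(n) for n in os.listdir(proc) if n.isdigit()}

def is_thread_group_leader(pid, proc="/proc"):
    """Thread IDs answer signal 0 but are never listed in /proc; skip them."""
    try:
        with open(f"{proc}/{pid}/status") as fh:
            fields = dict(line.split(":", 1) for line in fh if ":" in line)
        return int(fields["Tgid"]) == pid
    except (OSError, KeyError, ValueError):
        return False  # already gone or unreadable: cannot confirm

def alive(pid):
    """View B: ask the kernel about one PID directly with the null signal."""
    try:
        os.kill(pid, 0)
    except ProcessLookupError:
        return False
    except PermissionError:
        return True  # exists, but belongs to another user
    return True

def cross_view(listing_before, probe, listing_after, is_leader):
    """PIDs that answered the probe but appear in neither listing."""
    suspects = set(probe) - set(listing_before) - set(listing_after)
    return sorted(p for p in suspects if is_leader(p))

def scan(max_pid=None):
    """Run both views on the live system; returns the suspicious PIDs."""
    if max_pid is None:
        with open("/proc/sys/kernel/pid_max") as fh:
            max_pid = int(fh.read())
    before = listed_pids()
    probe = [p for p in range(1, max_pid + 1) if alive(p)]
    after = listed_pids()  # second listing absorbs processes that just started
    return cross_view(before, probe, after, is_thread_group_leader)

if __name__ == "__main__":
    print("hidden PIDs:", scan() or "none found")
```

An empty result is not proof of a clean machine: a rootkit running inside the kernel can falsify both views, which is why a reinstall remains the fallback.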

So where do you find all of this stuff to prevent, detect, and destroy? Below are links to various resources concerning rootkits.

RESOURCES

Rootkit Remover Software

Avira AntiRootkit Tool
Avira AntiRootkit Tool is geared towards the advanced user. It scans registry entries, processes and files hidden to the user. It provides all necessary information and allows for quarantine.

Blacklight
Even though many experts agree that reinstalling your operating system is the only sure way to get rid of a rootkit infection, F-Secure disagrees and says that Blacklight detects rootkits in worms and spyware. This program uses “anti-stealth technology” with good results, the company reports.

Prevx
This program boasts that it has the “largest real-time threat database”. Written up by PC World for the Editor’s Choice Award for 2009, this program does super-fast 1-2 minute scans, alerts you if your PC is infected, and includes free removal of adware. This program has powerful rootkit detection capabilities. A highly recommended program. This software is free.

RootkitBuster (Trend Micro)
From the manufacturers of HijackThis comes RootkitBuster. This program scans hidden files, registry entries, processes, drivers, and Master Boot Record (MBR) rootkits. You can also clean hidden files or registry entries. A very handy program.

Rootkit Detective (McAfee)
From the well known anti-virus software provider. Kind of geared towards knowledgeable folks. It scans all processes for rootkits; a fairly new rootkit tool.

Sophos
Claimed by experts to be the best, Sophos detects and removes any rootkits installed on your system. It is easy to use, making the removal of rootkits a breeze, and without compromising your system. This program is free; there are upgrades available, along with a nice list of security software.

Sysinternals RootkitRevealer
From the publisher: “RootkitRevealer is an advanced rootkit detection utility. RootkitRevealer successfully detects many persistent rootkits including AFX, Vanquish and HackerDefender (Note: RootkitRevealer is not intended to detect rootkits like Fu that don’t attempt to hide their files or registry keys).” A very highly recommended program.

UnhackMe
Another highly recommended program, UnhackMe is used by a great deal of malware-busting forums. UnHackMe detects hidden registry entries, processes, services, drivers, etc. It also detects and removes trojans, adware, and spyware.

It has a fully functional evaluation version; after the evaluation period you must purchase it to use it.

Online Scanners

F-Secure Online Scanner

Kaspersky Online Scanner Pro

ESET Online Scanner

Panda ActiveScan 2.0

Sites to check out

Rootkit.com – A pretty advanced website dedicated to rootkits.

Antirootkit.com – A great website with lots of rootkit downloads and articles to educate you on rootkits. It also has a pretty extensive list of rootkit removal tools.

In a nutshell, a rootkit can cause serious damage to your computer, and if you don’t detect it and get rid of it, it will lead you to a complete re-install. Thus you should make sure of these three things:

1. Make sure that you have security programs installed and running. (Please note that it has to be anti-rootkit software – remember that anti-virus programs miss rootkits a lot of the time)

2. Make sure that you install the latest security updates.

3. Make sure that all of your anti-rootkit software is up-to-date; there are newer versions and patches that must be downloaded to keep your system protected against newly emerging threats.

Spyware. Gotta love it, huh? Keep a close eye on your system so that nobody else can!

 

~Lori
