Rootkits are becoming more and more prevalent and are an incredible danger to desktop users. A rootkit (or root kit, it doesn’t matter how you spell it) is a set of tools programmed to install on a computer without the user’s knowledge and give the attacker full control over the system with administrator-level access.

But doesn’t all spyware install on a computer without the user’s knowledge? What’s different about a rootkit?

Let me delve into this a little bit deeper.

Yes, all spyware is installed without a user’s knowledge. Some are annoying, and some can mess with your computer pretty badly; however, with a bit of help from the forums and spyware removal software, most of the time you can get rid of it without doing a complete reinstall.

Not so with rootkits.

Rootkits are an incredibly dangerous form of malware. They do not discriminate when it comes to operating systems; Windows, Linux, Unix, and even Mac systems are vulnerable. Rootkits hide malware that installs a backdoor, allowing an attacker to take full administrator rights and have complete access to the infected computer.

A rootkit takes over your entire system by masking itself as a legitimate file, network connection, registry entry, etc., so anti-virus and anti-spyware programs do not detect it: they treat the file as a genuine part of the operating system. Once the computer has been hacked, the attacker can mask the intrusion – not just on that computer, but on other computers on the network. Because of the intricate code rootkits are built with, there is no guarantee that you will rid yourself of one; in addition, because of its stealth capabilities, removal will most likely damage your operating system. The stealth capabilities of rootkits are the scariest part of malware; rootkits often hide malware along with themselves (Can anyone say “Rootware”? I am not kidding.). Because rootkits do so much damage if left undetected, a new install of your operating system is practically inevitable.

Because rootkits have now become a pandemic issue, McAfee, Panda, Symantec, and other internet security manufacturers are now coming out with online scanning tools just for rootkits. There are also rootkit-removal software programs that have now come out with “Anti-Stealth technology”, which seems to be working.
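The comparison behind hidden-process scanning, as an added example (not from the original article, and not how any product named in this article is implemented): on Linux, a PID that answers a direct /proc lookup but is missing from the directory listing is a candidate hidden process. The function names and sample PIDs are constructed for illustration.

```python
import os

def listed_pids(proc="/proc"):
    """PIDs visible through directory enumeration (the view a rootkit filters)."""
    return {int(name) for name in os.listdir(proc) if name.isdigit()}

def tgid_of(pid, proc="/proc"):
    """Thread-group id of pid via direct lookup, or None if nothing answers."""
    try:
        with open(os.path.join(proc, str(pid), "status")) as fh:
            for line in fh:
                if line.startswith("Tgid:"):
                    return int(line.split()[1])
    except OSError:  # no such pid, or it exited while being read
        return None
    return None

def probed_pids(max_pid, proc="/proc"):
    """PIDs that answer a direct lookup. Thread ids answer too but are never
    listed in /proc, so keep only entries whose Tgid equals the pid itself."""
    return {pid for pid in range(1, max_pid + 1) if tgid_of(pid, proc) == pid}

def hidden_pids(listed, probed, recheck=None):
    """Cross-view difference: answers a lookup but is absent from the listing.
    recheck is a second listing taken after probing, used to drop processes
    that simply started between the two passes."""
    suspects = set(probed) - set(listed)
    if recheck is not None:
        suspects -= set(recheck)
    return sorted(suspects)

def scan(proc="/proc"):
    """Run the comparison against the live system (Linux only)."""
    with open(os.path.join(proc, "sys/kernel/pid_max")) as fh:
        max_pid = int(fh.read())
    before = listed_pids(proc)
    probed = probed_pids(max_pid, proc)
    return hidden_pids(before, probed, recheck=listed_pids(proc))

if __name__ == "__main__":
    # Constructed sample: PID 4242 answers lookups but is not in the listing.
    print(hidden_pids({1, 2, 300}, {1, 2, 300, 4242}))
    if os.path.exists("/proc/sys/kernel/pid_max"):
        print("live scan:", scan())
```

A PID reported by `scan()` is a lead, not proof: a process that starts and exits between the two listings can still appear, so re-run before acting on a hit.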

So where do you find all of this stuff to prevent, detect, and destroy? Below are links to various resources concerning rootkits.

RESOURCES:

Rootkit Remover Software

Avira AntiRootkit Tool
Avira AntiRootkit Tool is geared towards the advanced user. It scans registry entries, processes and files hidden to the user. It provides all necessary information and allows for quarantine.

Blacklight
Even though many experts agree that reinstalling your operating system is the only sure way to get rid of a rootkit infection, F-Secure disagrees and says that Blacklight detects rootkits in worms and spyware. This program uses “anti-stealth technology” with good results, the company reports.

Prevx
This program boasts that it has the “largest real-time threat database”. Written up by PC World for the Editor’s Choice Award for 2009, this program does super-fast 1-2 minute scans, alerts you if your PC is infected, and includes free removal of adware. This program has powerful rootkit detection capabilities. A highly recommended program. This software is free.

RootkitBuster (Trend Micro)
From the manufacturers of HijackThis comes RootkitBuster. This program scans hidden files, registry entries, processes, drivers, and Master Boot Record (MBR) rootkits. You can also clean hidden files or registry entries. A very handy program.

Sophos
Claimed by experts to be the best, Sophos detects and removes any rootkits installed on your system. It is easy to use, making the removal of rootkits a breeze, and without compromising your system. This program is free; there are upgrades available, along with a nice list of security software.

Sysinternals RootkitRevealer
From the publisher: “RootkitRevealer is an advanced rootkit detection utility. RootkitRevealer successfully detects many persistent rootkits including AFX, Vanquish and HackerDefender (Note: RootkitRevealer is not intended to detect rootkits like Fu that don't attempt to hide their files or registry keys).” A very highly recommended program.

UnhackMe
Another highly recommended program, UnhackMe is used by a great deal of malware-busting forums. UnHackMe detects hidden registry entries, processes, services, drivers, etc. It also detects and removes trojans, adware, and spyware.

It has a fully functional evaluation version; after the evaluation period you must purchase it to use it.

Online Scanners:

F-Secure Online Scanner
http://www.f-secure.com/en_EMEA/secu...nline-scanner/

Kaspersky Online Scanner Pro
http://www.kaspersky.com/kos/english...=1276684182765

ESET Online Scanner
http://www.eset.com/online-scanner/faq

Panda ActiveScan 2.0
http://www.pandasecurity.com/homeuse...ns/activescan/