Computer Tips From A Computer Guy
Posted: 15 Nov 2009 03:09 AM PST

The term rootkit (or root kit) originally referred to a maliciously modified set of administrative tools for a Unix-like operating system that granted root access. If an intruder could replace the standard administrative tools on a system with a rootkit, the modified tools would allow the intruder to maintain root access to the system while concealing these activities from the legitimate system administrator.

In the Windows world, the term rootkit is also used to describe the mechanisms and techniques whereby malware, including viruses, spyware, and trojans, attempts to hide its presence from spyware blockers, antivirus, and system management utilities.

A free rootkit revealer from Sysinternals is a very lightweight tool that I use to scan for probable rootkit anomalies. The tool doesn't tell you if the anomalies are good or bad. Some items that are hidden from the Windows API are valid, like ongoing file downloads. You should examine all discrepancies and determine the likelihood that they indicate the presence of a rootkit. Unfortunately, there is no definitive way to determine, based on the output, whether a rootkit is present, so make sure that every reported discrepancy is explainable.

If you determine that you have a rootkit installed, search the web for removal instructions. If you are unsure how to remove a rootkit, you should reformat the system’s hard disk and reinstall Windows.
Copyright © 2007 Online Tech Tips. Aseem Kishore