Featured:
Allergies
Tech Know
Grilling Guide
eHow Now Blog

How to Detect Rootkits on a Computer

Rootkits are used by hackers to hide intrusions into a computer. Rootkits are often used to obtain administrator privileges to the system and to other machines on the network so that they can spread malware, track keystrokes or open a backdoor into the system. Because of their stealthy nature, rootkit detection is difficult.

Instructions

    • 1

      Make note of strange behavior on computers that were previously reliable. Look for disabled antivirus software, blue screens and system crashes and reboots. Check for new drivers, legitimate software or windows updates that coincide with this behavior. If you find none, a rootkit may be to blame.

    • 2

      Use free and inexpensive programs to detect rootkits. HijackThis, WinPFind and Silent Runners software are some programs that may find a rootkit. Free or beta versions of rootkit detectors and Microsoft's Malicious Software Removal Tool also can be used to look for rootkits.

    • 3

      Run your computer in safe mode. Do a virus scan. Some rootkits won't run in safe mode, so they're visible to the antivirus software during this time.

    • 4

      Combine different kinds of spyware and malware detection programs to seek out rootkits. One might find what the others did not. If you choose to keep the computer on the network, use a network analyzer or a personal firewall to detect strange activity.

    • 5

      Purchase a rootkit detector. You may have to use more than one, since rootkits are constantly rewritten to avoid detection by popular detectors. Check reviews on sites like PC Magazine.

Tips & Warnings

  • Unless you're planning to prosecute the hacker or want to learn how to prevent future rootkits, trying to detect a rootkit may take too much time and resources. Generally, removal won't restore the system back to normal. It usually leaves the system so unstable that it needs to be reformatted anyway.

  • If you plan to take legal action, document each step that you take in the detection process and keep the hard drive intact.

  • If you suspect rootkit infection, it's best to immediately remove the system from the network if possible.

Suggest item

Related Searches:

Comments

You May Also Like

  • Rootkit Detection Techniques

    Rootkits are dangerous malicious files, or malware, that can potentially harm your computer. Rootkits often install deep within the operating system. This...

  • How to Remove the UAC Rootkit

    The UAC Rootkit poses a serious threat to the data of your PC and your privacy. However, with a few simple procedures...

  • How to Stop Rootkits

    Rootkits are about the nastiest type of malicious software (malware) out there. Once on your computer, they can disable key system functions...

  • How to Manually Remove a Rootkit Infection

    A rootkit consists of a series of programs used by hackers to hide their malicious programs from antivirus and other security programs....

  • Rootkit Detection & Removal

    Rootkits can harm your computer and need to be removed as quickly as possible. There is help available to assist you in...

  • List of Rootkits

    Most computer users know the importance of protecting their systems from malicious software (malware) such as computer viruses. However, most users are...

  • How to Remove Rootkit Virus from Windows XP

    Rootkit is a type of malware. Malware, although technically different than a virus, is just as undesirable for your computer. Rootkit can...

  • How to Detect eBlaster

    The eBlaster program uses keylogging and stealth emailing as its primary methods for logging everything you type, including your personal information and...

  • What Is Rootkit?

    A rootkit is a system created to infiltrate a computer system and then conceal its presence once it has infiltrated. Typically, a...

Related Ads

thumbnail
Featured