Home » Computers » Computer Hardware » PC Computers » How to Detect Rootkits on a Computer

How to Detect Rootkits on a Computer

By eHow Computers Editor

Rate: (0 Ratings)

Rootkits are used by hackers to hide intrusions into a computer. Rootkits are often used to obtain administrator privileges to the system and to other machines on the network so that they can spread malware, track keystrokes or open a backdoor into the system. Because of their stealthy nature, rootkit detection is difficult.

Flag Article

Instructions

Difficulty: Moderately Challenging

Step1
Make note of strange behavior on computers that were previously reliable. Look for disabled antivirus software, blue screens and system crashes and reboots. Check for new drivers, legitimate software or windows updates that coincide with this behavior. If you find none, a rootkit may be to blame.
Step2
Use free and inexpensive programs to detect rootkits. HijackThis, WinPFind and Silent Runners software are some programs that may find a rootkit. Free or beta versions of rootkit detectors and Microsoft's Malicious Software Removal Tool also can be used to look for rootkits.
Step3
Run your computer in safe mode. Do a virus scan. Some rootkits won't run in safe mode, so they're visible to the antivirus software during this time.
Step4
Combine different kinds of spyware and malware detection programs to seek out rootkits. One might find what the others did not. If you choose to keep the computer on the network, use a network analyzer or a personal firewall to detect strange activity.
Step5
Purchase a rootkit detector. You may have to use more than one, since rootkits are constantly rewritten to avoid detection by popular detectors. Check reviews on sites like PC Magazine.

Tips & Warnings

  • Unless you're planning to prosecute the hacker or want to learn how to prevent future rootkits, trying to detect a rootkit may take too much time and resources. Generally, removal won't restore the system back to normal. It usually leaves the system so unstable that it needs to be reformatted anyway.
  • If you plan to take legal action, document each step that you take in the detection process and keep the hard drive intact.
  • If you suspect rootkit infection, it's best to immediately remove the system from the network if possible.

Who Can Help:

Post a Comment

POST A COMMENT

Request a New How-To Article

Looking for more How To information? Chances are there’s an eHow member who knows how to do what you’re looking to do. Submit an article request now!

SUBMIT REQUEST

More Articles Like This

eHow Article:  How to Detect Rootkits on a Computer

eHow Computers Editor

eHow Computers Editor

Category: Computers

Articles: See my other articles

Related Ads

Solder Wires and Electronics

Solder Wires and Electronics
By: MrCHUCK mrchuck999.blogspot.com


Motherboard Components: How to Build A Custom PC

Motherboard Components: How to Build A Custom PC
By: expertvillage


Motherboard Components: How to Build A Custom PC

Motherboard Components: How to Build A Custom PC
By: expertvillage


DVD and CD Rom Drives: How to Build Your Own Custom PC

DVD and CD Rom Drives: How to Build Your Own Custom PC
By: expertvillage


DVD and CD Rom Drives: How to Build Your Own Custom PC

DVD and CD Rom Drives: How to Build Your Own Custom PC
By: expertvillage


whip your hard drive

How to whip your hard drive
By: shaggy30


Deal With PCBs When Recycling Electronics

How to Deal With PCBs When Recycling Electronics
By: eHow Computers Editor


Use the Computer Recycling Bin

How to Use the Computer Recycling Bin
By: Megan Shannon


Raise Consumer Awareness for Electronics Recycling

How to Raise Consumer Awareness for Electronics Recycling
By: eHow Computers Editor


Buy a Dell Computer

How to Buy a Dell Computer
By: eHow Computers Editor


SEARCH

Copyright © 1999-2008 eHow, Inc. Use of this web site constitutes acceptance of the eHow Terms of Use and Privacy Policy.

Partner Sites

Demand Media