A Quick Look at Root Kits

Anyone who has used a computer for any significant amount of time has probably encountered one of the many types of online threats we are all so often exposed to these days. Malicious software, or “malware,” as it is called, is everywhere and it can come in many different forms. You might be most familiar with the computer virus, and the “Trojan” virus especially, as this was the most commonly used name for malicious programs.

Another type of malware that is common today is known as the rootkit. A rootkit is, essentially, a collection of malicious code whose purpose is to break into the most secure parts of a computer, where it would typically not be allowed. Basically, a rootkit attempts to override administrative locks to access the operating system and, essentially, rewrite code without the user’s knowledge.

HOW TO DETECT A ROOT KIT?

Obviously, it is not easy to detect if your computer has a rootkit.  Like all other types of malware, a rootkit is designed to conceal itself. In some cases you may never find it, but you can certainly see evidence of its work.

First of all, any time a computer is infected with some kind of malware, one obvious symptom is that it begins to run much slower than usual. This is because the malware runs programs that are hidden from you, and those programs still use the computer's resources.

Trying to determine if you have a rootkit on your computer is not easy. These programs basically use your security software against you, hiding from its detection services. As such, you may not be able to find the problem from the infected machine itself, but you could always try to use another computer or service to find it. Other symptoms of a rootkit include erratic behavior, memory dumping, and scanning differentials, where two scans of the same system disagree.
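
The advice above to check from another computer, and the "scanning differentials" it mentions, can be shown as a cross-view comparison. This is an added example, not part of the original article; the manifest format, digests and paths are constructed for illustration.

```python
"""Cross-view ("differential") scan: compare a file manifest taken inside the
running OS with one taken from trusted boot media over the same disk."""

# Constructed sample manifests, one "<digest> <size> <path>" entry per line.
LIVE_VIEW = """\
a1f0 1024 /bin/ls
77c2 2048 /bin/ps
09be 512 /etc/hosts
"""
OFFLINE_VIEW = """\
a1f0 1024 /bin/ls
e45d 2304 /bin/ps
09be 512 /etc/hosts
5b3a 4096 /lib/modules/hidden_mod.ko
"""

def parse_manifest(text):
    """Return {path: (digest, size)}; paths may contain spaces."""
    entries = {}
    for lineno, line in enumerate(text.splitlines(), 1):
        if not line.strip():
            continue
        parts = line.split(None, 2)
        if len(parts) != 3 or not parts[1].isdigit():
            raise ValueError(f"malformed manifest line {lineno}: {line!r}")
        digest, size, path = parts
        entries[path] = (digest, int(size))
    return entries

def cross_view_diff(live_text, offline_text):
    """Classify disagreements between the live and the offline view."""
    live, offline = parse_manifest(live_text), parse_manifest(offline_text)
    shared = live.keys() & offline.keys()
    return {
        # On disk, but the running OS does not list it: likely being hidden.
        "hidden_from_live": sorted(offline.keys() - live.keys()),
        # Same path, different content reported: the live view may be filtered.
        "content_mismatch": sorted(p for p in shared if live[p] != offline[p]),
        # Listed by the running OS only: often just created after the offline scan.
        "only_in_live": sorted(live.keys() - offline.keys()),
    }

if __name__ == "__main__":
    for kind, paths in cross_view_diff(LIVE_VIEW, OFFLINE_VIEW).items():
        for path in paths:
            print(f"{kind}: {path}")
```

The offline manifest has to come from an environment the suspect system cannot influence, such as boot media or the disk attached to a second computer.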

HOW TO REMOVE A ROOT KIT?

Now, let’s assume that you have managed to figure out where the rootkit has taken root on your system. This does not mean that you will be able to remove it. Even the best computer engineers are not always able to get to the proverbial root of the problem.

For example, if the rootkit was installed in the kernel, removing it could damage the kernel, and that, in turn, could corrupt the whole of your operating system. In fact, you might have to remove your operating system and install a brand new one. That said, companies like Hikvision have successfully protected government computers from rootkits in the past.