For those of you with a sense of humour, this has nothing to do with a kit to improve your sex life, in fact it would probably have the opposite effect! So what are rootkits? They are super stealth hacks that are hidden from most virus checkers and spyware detectors. Trouble is, large numbers of computers using the Windows operating systems are being infected with rootkits. I do a lot of computer troubleshooting and repairs, and in the last few weeks, I have been finding an increasing number of computers infected with rootkits.
So you've been diligent, and kept your virus, spyware, and firewall up to date, but one of the family has decided to use one of the music sharing systems, or visited a site, and your computer has been hacked through your web browser. Hidden inside your confidently safe computer is a super stealth rootkit.
You can run your virus checker or spyware removal tools till the cows come home, you won't find anything. You need to run this special tool called rootkitrevealer. Most of you are going to find the information on the rootkitrevealer page, gobbledy gook. Read it if your feel you will understand some, or just cut to the chase, and go to the bottom of the page and download the Rootkitrevealer.zip file. It is a compress zip file, so save it onto your computer, and unpack it. Then run the Rootkitrevealer.exe file on you computer.
If you have no understanding off the last two lines in the above paragraph, you're in over your head, and should immediately stop all Internet banking on your home or work computers. Change your banking password immediately and stick to phone banking or psychically go to the bank. This type of basic security knowledge is essential to your banking and business security on the Internet. Most people's faith in computer security is unfounded, and based on poor information.
So you run Rootkitrevealer on you computer, (By the way, there are more steps involved to run rootkitrevealer on Vista, at present), and you get discrepancy results. What do they mean? The best I can tell you in brief, is to look to the end of discrepancy lines, and you may need to widen the column to see them, items like SAC, SAI are normal, as are entries that may refer to your virus checker name. eg Symantecs (Norton's anitvir), or Nero, a CD burning programme. Most clean computers will only have a few normal discrepancies as described above. The more discrepancies, the more likely the breach to your computer security. Most people will not have a clue what are normal discrepancies and what are abnormal. Anything over about 4 or 5 is suspicious.
All I can say is take a deep breath, and read this free book on stress management.
If you find any rootkits, getting rid of them is another story. Have you got all afternoon! I really feel that most of you out there should stop Internet banking and use phone banking or go physically to the bank. I have been demonstrating the use of Rootkitrevealer to Sunshine Coast Computer Club members.
© 2007 Peter Daley
Disclaimer: This is an amateur volunteer run service. Human error can provide incorrect information, and equipment malfunction can produce false readings. Do not rely on, or take action upon information presented on this web site or at SCCC activities, without further research. Views expressed in the pages, images, or tutorials on the SCCC Inc., web site or presented at venues, maybe the personal opinions of the relevant writers or presenters, and are not necessarily representative of those of SCCC Inc.
Leave a Reply