Don't Get Infected by Rootkits!
Rootkit infection is one of the worst infections a computer user may be challenged. Typically, rootkits hide their presence on the system evading standard operating system security scan, anti-virus or anti-spyware scan. Often, they can be Trojans, thus trying to make users to believe they are safe to run on their systems. Rootkits modifies the system to hide the processes of other viruses and burdens their removal.
7 % of all infections detected are rootkits. According to the Rootkit Reports of 2009, the most common rootkits that have been blocked by real time protection belong to Alureon family. This family places more than 60 % of the reported rootkits. However if we compared blocked rootkits with infections that had files actively hidden on disk from Windows, the situation would be quite different. In 2009, the biggest group of top active rootkits belongs to Rustock family (45%).
The first sign that a computer is messed by rootkits is an altered computer kernel. This is a way to make the system instable and more comfortable for a rootkit to hide. It also explains the fact that a rootkit usually gets active by modifying Windows OS kernel.
Rootkits usually hide their binaries in system drivers or user temp folders. Unfortunately Windows not always detect threats in these locations. Drivers also take the first place talking about the most common type of file being hidden on computer.
When rootkit enters the system it might be quite a big challenge to remove it. Instead, you have to try to elude them. So what can be done to protect computer from rootkit? Most importantly is to keep the real time protection feature on your antispyware software turned on. Running antispyware software with a real time protection off will not insure full protection. Another thing is using 64 bit Windows. It is proved that the users of 32 bit Windows are attacked by rootkits more often than users of 64 bit Windows. Besides, fewer infections from 64-bit computers are able to become active. Keep your antispyware updated to be superior to the bad guys!
Recently commented malware