What Is A Rootkit And What Makes It Distinct From Other Malware?

Now, what is a rootkit, you may wonder. Over time, PC users are being exposed to new kinds of malware apart from conventional computer viruses. Gone are the days when just installing an antivirus program would provide protection from malware.

Nowadays, computer users need to be aware of various types of malware, including rootkits. If you are unaware of this malware variant and are wondering about rootkits, there are certain things you need to know about it.

A rootkit does not behave in the way a typical computer virus does. It does not interfere directly with applications or the OS. It remains hidden within the OS kernel and evades the scanning conducted by regular system security software. It sends confidential user data to other users, mostly hackers, which helps them exploit PCs and significantly compromise user security. In many instances, PC users take a long time to understand the repercussions of rootkit infection.

Understanding What Is A Rootkit

Rootkits can actually have more far-reaching consequences for an infected computer than regular viruses. They manage to stay hidden in most instances and can even affect the system BIOS. People interested in what a rootkit is need to remember that, unlike most PC viruses, rootkits can affect operating systems other than Windows. The first ever rootkit was actually developed for the Unix OS.

Sometimes, rootkits developed for no harmful reasons can be misused by malicious hackers. This is what struck the millions of PC users who had bought Sony BMG CDs in 2005. These CDs had a rootkit to implement DRM. It was meant to prevent music piracy, but the rootkit in these CDs fell into the wrong hands, and the consequences were severe.

There are many ways in which a rootkit can sneak into a computer. It can come bundled with some trial software or with adware. This is why users should be careful about installing applications from unknown sources.

When you want to know what a rootkit is, you need to be aware of how it spreads too. Rootkits can also spread through all types of removable media (e.g. optical discs, USB drives, and so on), unsafe email attachments and malicious links (which use your browser's vulnerabilities for drive-by downloads).

Stay Safe From Rootkits

Apart from using only trusted software, PC users need to install quality anti-rootkit apps on their PCs. Antivirus software vendors like Avast, Avira, eScan, K7, Kaspersky, Norman, Panda, Trend Micro, Vipre and Malwarebytes included integrated rootkit scanning in their products.

Other Preventive Measures To Stay Safe From Rootkits

Rootkits are difficult to detect and can often be removed only with considerable effort. To be on the safer side, every user who installs any kind of software or makes online purchases and transactions should use adequate safety measures. Although changing account passwords periodically and using virtual keyboards offer some degree of protection from malware such as rootkits, I recommend that you:

  • Keep your operating system and applications up to date. Applying security patches as soon as they become available is highly important. Activate the automatic update feature of your operating system and use 3rd party apps like Secunia PSI or UpdateStar Premium to reduce the existing vulnerabilities of your locally installed apps to a minimum.
  • Don’t use your admin account for regular internet activities as this increases the chance that your computer gets infected with a non-removable rootkit. Using a separate computer user account with minimal operating system privileges for this task minimizes the contact surface for rootkit attacks.
  • Always distrust new software regardless of its source. Scan removable media with your locally installed antimalware scanners before you install any new software from them. If the new software installation package is not larger than 32 MB, consider uploading it to VirusTotal. This free-of-charge platform currently checks uploaded files against 41 different anti-malware apps and provides you with the scan result of each antivirus product in a single report. There are also great plugins available for all major web browsers that support you in checking new software even before you download it to your computer:
    VTzilla for Mozilla
    VTchromizer for Chrome
    VTexplorer for Internet Explorer
    Virus Total Extension for Opera
  • Deactivate the AutoRun feature for removable media on your PC as this prevents rootkits from automatic installation. Use Panda USB vaccine if your chosen security software products do not offer that kind of feature.
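
Several items in the list above can be checked on a Windows PC with a short read-only script. This is an added example, not part of the original article: the function names are hypothetical, and the registry value NoDriveTypeAutoRun and the Administrators group SID S-1-5-32-544 are standard Windows identifiers that the article itself does not name.

```powershell
# Added example: read-only audit of the settings named in the checklist.
# Assumes Windows PowerShell 5.1 or later; changes nothing on the system.

function Test-AdminAccount {
    # True if the logged-on account belongs to BUILTIN\Administrators
    # (SID S-1-5-32-544), even when this process is not elevated.
    [bool]((whoami /groups) -match 'S-1-5-32-544')
}

function Test-AutoRunDisabled {
    # NoDriveTypeAutoRun is a bit mask: 0x04 = removable drives, 0x20 = CD/DVD.
    $mask = 0x24
    $key  = 'Software\Microsoft\Windows\CurrentVersion\Policies\Explorer'
    # The machine-wide value takes precedence over the per-user value.
    foreach ($hive in 'HKLM:', 'HKCU:') {
        $p = Get-ItemProperty -Path "$hive\$key" -Name NoDriveTypeAutoRun `
                              -ErrorAction SilentlyContinue
        if ($p) { return (($p.NoDriveTypeAutoRun -band $mask) -eq $mask) }
    }
    return $false   # value not set: AutoRun policy is at the OS default
}

function Get-InstallerReport {
    # Checks an installation package against the 32 MB limit the article
    # gives for VirusTotal uploads and records which file was checked.
    param([Parameter(Mandatory)][string]$Path)
    $file = Get-Item -LiteralPath $Path
    [pscustomobject]@{
        File            = $file.FullName
        SizeMB          = [math]::Round($file.Length / 1MB, 1)
        FitsUploadLimit = $file.Length -le 32MB
        SHA256          = (Get-FileHash -LiteralPath $Path -Algorithm SHA256).Hash
    }
}

# Summary of the account and AutoRun checks for the current user.
[pscustomobject]@{
    AccountIsAdmin              = Test-AdminAccount
    AutoRunDisabledForRemovable = Test-AutoRunDisabled
}
```

Call Get-InstallerReport with the path of a downloaded installer before running it; AccountIsAdmin should be False for the account used for everyday browsing.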

When it comes to the question of what a rootkit is, you should be aware that this type of malware is one of the most dangerous that PC users can face. Rootkit removal without reinstalling your operating system is possible only under certain circumstances. For that reason you should take every precaution against this type of malware.

