Just when you think the malicious virus authors have slowed down, they go and invent something new to bring trouble to computer users everywhere. One of the newer forms of viruses is called a 'rootkit' and it's here to make your day miserable.

One thing that has made viruses easier to deal with over the years has been their visibility. Executables that contain the virus usually have names that are different from standard programs on computer systems, so they are easy to identify. When the virus renames the standard file and replaces it with the virus, the new one often has a different date or a different size, and it shows up in the Task Manager list of programs on Windows. This makes them fairly easy to identify either by you, or by your antivirus software.

Rootkits are much more dangerous than other types of virus infections simply because they can easily hide these malicious files, making them harder to find for both antivirus software programs and the individual user.

Rootkits actually began with Sony in November 2005, when they began using rootkits on some music CDs as a way of hiding copy protection files. Ever the inventors, hackers began turning this technology into something to cause harm. Any file that began with '$sys$' was invisible, so the hackers named their malware in ways to take advantage of this shortcoming.

Distributing these rootkits became as easy as passing along any other virus. The rootkits have been distributed through spyware downloads which are initiated when you click on ads, by downloading free software, and by opening e-mail attachments. One click is all it takes to start the damage.

Some of these rootkits even found their way into the boot area of hard drives. That means that the technique many of us employ of rebooting our computers in order to clear out memory is no longer effective. These rootkits will simply restart every time the operating system restarts itself.

And unfortunately many automated virus scanning programs, or antivirus software programs, are set up to scan only regular programs and not the boot sector. In the early days of viruses, boot sector viruses were common (because of floppy disk based infections), so antivirus programs could protect against them. Then we stopped fitting floppy drives to computers, so the need for boot sector protection went away.

Once rootkits are hidden in boot sectors, they can become the program that controls many of the basic computer functions, and they can control specific parts of the hardware itself.

This makes it nearly impossible to install software that can combat the rootkit. Really, there's nothing the virus can't do; it can hide its workings from any application that is charged with checking for virus applications. It can even hide its efforts from the higher-level functions of the computer's operating system.

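Because a rootkit filters what the running system reports, one common way to find hidden files is to compare two views of the same disk and look for the gaps. The sketch below is an added example, not something from the original article: it assumes you already have a listing produced by the running system and a second listing taken in a way the rootkit cannot filter (for instance, while booted from clean media), and every path in it is constructed.

```python
from pathlib import PureWindowsPath

HIDE_PREFIX = "$sys$"  # the name prefix the article says was made invisible


def normalize(path):
    """Windows file names are case-insensitive, so compare lowercased paths."""
    return str(PureWindowsPath(path)).lower()


def cross_view_diff(live_view, trusted_view):
    """List paths present in the trusted view but absent from the live view.

    Returns (path, reason) tuples sorted by normalized path.
    """
    live = {normalize(p) for p in live_view}
    findings = []
    for path in sorted(trusted_view, key=normalize):
        if normalize(path) in live:
            continue
        # A hidden prefix on the file or on any parent folder explains the gap.
        parts = [part.lower() for part in PureWindowsPath(path).parts]
        hidden = any(part.startswith(HIDE_PREFIX) for part in parts)
        findings.append((path, "hidden-prefix" if hidden else "unexplained"))
    return findings


# Constructed sample listings (assumed inputs, not real scan output).
LIVE_VIEW = [
    r"C:\Windows\System32\notepad.exe",
    r"C:\Windows\System32\drivers\disk.sys",
    r"C:\Users\alice\report.docx",
]
TRUSTED_VIEW = [
    r"C:\WINDOWS\system32\notepad.exe",
    r"C:\Windows\System32\drivers\disk.sys",
    r"C:\Windows\System32\$sys$example.dll",
    r"C:\Windows\System32\$SYS$cache\data.bin",
    r"C:\Users\alice\report.docx",
    r"C:\Users\alice\temp.tmp",
]

if __name__ == "__main__":
    for path, reason in cross_view_diff(LIVE_VIEW, TRUSTED_VIEW):
        print(f"{reason:14} {path}")
```

An "unexplained" entry is not proof of infection, since a file may simply have been created or deleted between the two listings.
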
If your computer begins running funny, you might not suspect a rootkit, but instead assume that Windows is acting odd as it does now and then. Very few of us are going to be well-versed enough to suspect that a rootkit is, in fact, the cause of the problems. If you suspect your system might be infected with a rootkit, then Google "rootkit removers" and you should find something to help you sort the problem out. AVG is one example of a free antivirus program that could help you identify and remove rootkits.