A rootkit is a set of programs allowing administrator-level access to a computer. A cracker can install a rootkit on a computer after first getting user-level access in one of two ways: by exploiting a known vulnerability or by cracking a password. Once the rootkit is installed, it enables the attacker to hide the intrusion and obtain privileged access to the computer.
Because rootkits are complex and ever-changing, they are very difficult to understand. Let's take a look at one of them. The rootkit we are going to look at is called Rootkit.TDss.gen. It is a rootkit-protected, malicious backdoor program that opens compromised PCs to further infestation by other malicious programs. If you take a peek at my article on The Seneka Rootkit, you will find another type of rootkit. Below are the characteristics of Rootkit.TDss.Gen that you should know for future reference:
- Rootkit.TDss.gen may block access to security sites,
- Rootkit.TDss.gen may allow attackers to have root access to an infected computer,
- Rootkit.TDss.gen may slow down computer processing,
- Rootkit.TDss.gen may decrease system performance.
With enough time and competence, you will be able to search your computer for Rootkit.TDss.Gen manually. It takes a long time to find all the Rootkit.TDss.Gen files. Bear in mind that Rootkit.TDss.Gen may still appear after rebooting, because its hidden files may still be there.
To prevent Rootkit.TDss.Gen from reappearing, you must be alert to suspicious spam e-mail attachments and unknown websites. Take a look at some methods that can protect you from Rootkit.TDss.Gen and other malware:
- Use a computer firewall,
- Ensure that you have downloaded all the latest critical security updates,
- Adjust the Internet Explorer web browser's security settings,
- Download and install anti-spyware protection, such as Spyware Cease,
- Surf sites and download programs only from websites you trust.
Generally, rootkits are increasingly hard to detect on any network. So, if you want to stop malware, the only way to do that is to keep antivirus/anti-spyware software up to date.