Hands-on Project 2-1

Rookit is a set of software tools used by an intruder to break into a computer, obtain special privileges to perform unauthorized functions, and then hide all traces of its existence.

Source : Security + Guide to Network Security Fundamentals ( Third Edition )

--------------------------------------------------------------------------------------------

Searching for Rootkit Revealer

Results shown for RootkitRevealer

Page to download Rootkit Revealer

Save Rootkit Revealer

Extracting files from the compressed folder

Scan the computer for a rootkit

Scan complete : 6 discrepancies found

----------------------------------------------------------------------------------------

Reflection

Different specific types of scans can be used to detect different type of virus. In this hands-on project, I found out that there is 6 rookits in my computer, but half of the results is just microsoft discrepancy. It is important to remove any rootkits that is detected immediately, because this malware is able to allow a third party to gain control of your computer but without leaving any traces of evidence behind. Hence this may allow personal data to be leaked out without one's acknowledgement and this is especially dangerous for people who are running large companies.