Just when you thought you had seen it all...

A recent article I read in PC Magazine prompted me to research this a bit online, and well, frankly it's scary.  There is a tool that up until recently was more commonly seen in the Unix community, called rootkits.  These malicious tools are not generally harmful by themselves, but are coupled with Trojans to do some devastion to systems and you would  never even know, regardless of how many umpteen tools you run a day.  Read on...

Applications run on your computer by making calls to certain API's to do some common functions.  For example, a directory listing.  It's just not feasible to have developers run low-level system calls to get a directory listing, when they can just hook into an API the system provides.  It's used by all programmers, as it's just required to properly code.

A rootkit is a utility that when installed on a system (usually without your permission and knowledge), it will essentially intercept those API calls, manipulate the data (for example, to remove it's name from a directory listing, and to modify the number of files in the directory afterwards), and then return the data to the requesting party.  While this isn't harmful in itself, and they don't hurt resources, one common usage of rootkits is to couple them with Trojans so that you never know the Trojan is there.  The worst thing...A/V and Malware/Spyware scanners do not pick up rootkits, and when properly implemented, cannot pick up on files that the rookit is hiding.

Scary, huh?

Here are some reference points I found, links to programs that CAN detect rootkits, and sites that have more information on the subject in general.  Please note that we have no control over the content of these sites and are providing links as an educational experience only.  Also please note that most of the utilities that you can download to detect and remove rootkits are completely free (at this time):