That was a fun rootkit

A young friend of mine recently asked me for help with his computer, as it was behaving strangely: Google search results were coming out weird, certain websites were inaccessible, the antivirus wouldn’t update, and so on. I immediately assumed the system was compromised, and guessed it was a rootkit.

Setting out to uncover it, I used one of Mark Russinovich’s (that sellout that works for Microsoft now – just kidding! Hope you can set Windows 7 right from the beginning!) wonderful tools, and in a few minutes the evidence of the existence of a rootkit popped up in plain view. Having identified the enemy, it was now just a matter of choosing the right tool to destroy it. I had to use two of them, actually – this rootkit was very resilient, trying to get around its removal with various clever techniques.

But in the end I was able to remove it and voilà! The antivirus was able to update itself, there was no more denied website access, and Google searches were coming out the way they should.

Since the trend-defining characteristic of present-day malware is stealthiness, rootkits are becoming more and more popular. More computers are infected than their unsuspecting users think.

Is your computer infected? Contact me and find out.
