There’s nothing new under the sun, and rootkits are no exception. In the early days of personal computers, in the age of the DOS command-line operating system, there were viruses that hid their presence from users and anti-virus programs. They did it by intercepting the system calls responsible for reading files and lying to the system by answering those calls with fake information.
You could view an infected file right in front of your eyes and see nothing but legit code! These viruses were called ‘stealth’ in those days. As computers evolved, Windows replaced DOS. Old viruses did not run under the new operating system, and it wasn’t easy to develop simple hacks to intercept system calls in Windows. But time has passed, and now there’s a new wave of viruses that can work on Windows and hide their presence even more efficiently than the stealth viruses of the old days.
These new viruses are called rootkits. Microsoft tried to address the problem by releasing their own Rootkit Revealer. While the concept is correct, this tool fails on too many levels. Microsoft Rootkit Revealer is intended for use by system...