Ask Leo! by Leo A. Notenboom

NTRootKit

Helping people with computers... one answer at a time.

Ask Leo! » What is ...

NTRootKit appears to be a hacker tool that once installed in your computer can gain admin access and perform various functions.

by Leo A. Notenboom, © 2004

What is NTRootKit?

•

From McAfee and Network Associates: "The NTRootKit is a hacker tool, used after an attacker has gained admin access to a Windows NT/2K system. Once the NTRootKit has been installed, an attacker can perform various functions..." Read their article. Yet another reason to scan for viruses regularly.

•

Article C2040 - June 14, 2004

Leo

Leo A. Notenboom has been playing with computers since he was required to take a programming class in 1976. An 18 year career as a programmer at Microsoft soon followed. After "retiring" in 2001, Leo started Ask Leo! in 2003 as a place for answers to common computer and technical questions. More about Leo.

Not what you needed?

Recent Comments

2 Comments

Hi there, I am really getting cheesed with this "ntrootkit.exe" file that appears each time I turn on the computer. How can I get rid of that screen, as well as the rootkit. I did have NORTON protection, but since last week no more, so I am using only Temporary protection.

My plan is to get McAfee of such as soon as possible.
Hope you can drop my a note, to help
THANKS

Posted by: Amanda at September 30, 2004 10:20 PM

Keep in mind that McAfee, while more user-friendly that it used to be, had its engine fail in a VB100 test as recently as last February.

Not to advertise for anyone, but if you're not happy with Symantec (formerly known as Norton), go for Avast which is free, and only requires an initial registration followed by an annual registration (which usually works fine) -- it's free, it's trusted, and it's been known to find stuff McAfee and Symantec have missed. And I'm speaking as a Symantec partner!

On the NTRootkit, I'm surprised Symantec didn't kill it (IF it's a virus; some malware just isn't designed to be picked up on AV programs because it's not a virus). Install Spybot Search and Destroy (another free and highly-trusted download), update it, and let it run -- should take about 45 minutes to an hour to run completely -- that usually finds *all* the nasties.

Posted by: Chris Yost at April 3, 2009 7:55 AM

Post a comment on "NTRootKit":

Name: (Required - will be included when your comment is published.)

Email Address: (Required - will not be published.)

Remember Me? YesNo

Comments: (You may use HTML tags for style)

Before commenting, please...

READ THE ARTICLE. A comment that shows you didn't will be deleted and ignored.
Comment only on the article. Use the search box at the top of the page if you have a question about something else.
NO PERSONAL INFORMATION in the comment. No email addresses. No phone numbers. No physical addresses.

Anything that looks the least bit like spam will be deleted. Links to unrelated sites or links that appear to be primarily promotional will be deleted, or the comment will be deleted.
Don't ask me to recover lost passwords or hacked accounts. I can't. Those comments will be deleted.
I can't respond to every comment. And I can't vouch for the accuracy of others who do.

Read Why didn't you answer my question? for hints on getting an answer.
By posting a comment you agree to the Terms of Service. Don't agree? Don't post.
READ THE ARTICLE. A comment that shows you didn't will be deleted and ignored. Yes, I'm saying this twice; you'd be amazed.

Please wait. Your comment is being processed ...

Question? Ask Leo!
The Tip Jar: Buy Leo a Latte!

Categories | Full Archive
By Date | Business Card | About

Advertisements do not imply my endorsement of any product or service.

Copyright © 2003-2012 Puget Sound Software, LLC and Leo A. Notenboom
Ask Leo! is a registered trademark ® of Puget Sound Software, LLC
Terms, Conditions & Privacy
Product Reviews, Recommendations and Affiliate Links Disclosure

http://ask-leo.com/ntrootkit.html