A significant proportion of current malware installs rootkits upon infection to hide its activity. A rootkit can hide keystroke loggers or password sniffers, which capture confidential information and send it to hackers via the Internet. It can also allow hackers to use the computer for illicit purposes (e.g., to launch a denial-of-service attack against other computers, or send out spam email) without the user’s knowledge.
Endpoint security products now detect and remove rootkits such as TDL and ZAccess as part of their standard anti-malware routines. However, some rootkits require a standalone removal tool to effectively remove them.