Rootkit is a general term for a set of programs that work to take control of an operating system away from its legitimate operators.

Usually, a rootkit will obscure its installation and attempt to prevent its removal by subverting standard system security. Techniques used to accomplish this can include concealing running processes, files or system data from the operating system.
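One way to check for concealed processes on Linux, shown here as an added example that is not from the original page: compare the /proc directory listing with direct kernel probes and report PIDs that answer only the probe. The function names and the signal-0 probe are choices made for this example, and it assumes a Linux /proc filesystem.

```python
import os

def listed_pids(proc_root="/proc"):
    """View 1: PIDs visible in a directory listing (what ps and top rely on)."""
    return {int(name) for name in os.listdir(proc_root) if name.isdigit()}

def pid_exists(pid):
    """View 2: ask the kernel directly; signal 0 checks existence, sends nothing."""
    try:
        os.kill(pid, 0)
    except ProcessLookupError:
        return False
    except PermissionError:
        return True  # exists, but owned by another user
    return True

def is_thread_id(pid, proc_root="/proc"):
    """Thread IDs answer kill() but are never listed; Tgid != pid marks them."""
    try:
        with open(f"{proc_root}/{pid}/status") as fh:
            for line in fh:
                if line.startswith("Tgid:"):
                    return int(line.split()[1]) != pid
    except (OSError, ValueError):
        pass  # unreadable status: treat as a process so it still gets reported
    return False

def cross_view_hidden(list_view, probe, max_pid, is_thread=is_thread_id):
    """PIDs that answer the probe but are missing from two listings in a row."""
    before = list_view()
    candidates = {p for p in range(1, max_pid + 1)
                  if p not in before and probe(p) and not is_thread(p)}
    after = list_view()  # second listing filters processes that only just started
    # Re-probe as well, so processes that exited in the meantime are dropped.
    return sorted(p for p in candidates if p not in after and probe(p))

if __name__ == "__main__":
    with open("/proc/sys/kernel/pid_max") as fh:
        limit = int(fh.read())
    for pid in cross_view_hidden(listed_pids, pid_exists, limit):
        print(f"PID {pid} answers signal 0 but is absent from the /proc listing")
```

A clean result only means the two views agree; a rootkit that filters both the listing and the probe path will not show up, which is why such checks are also run from trusted boot media.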

Rootkits have their origin in benign applications, but in recent years have been used increasingly by malware to help intruders maintain access to systems while avoiding detection. Rootkits exist for a variety of operating systems, such as Microsoft Windows, Mac OS X, Linux and Solaris. Rootkits often modify parts of the operating system or install themselves as drivers or kernel modules.

There are different kinds of rootkits. Kernel-level rootkits add or change code in the kernel to hide back doors in the system, which makes it easy for Trojan horses to slip in. Some rootkits act as drivers and install themselves as such on the system.

Virtual rootkits can change the computer's boot sequence and then load themselves through the machine's memory. From there they can intercept any communication made by the operating system. Application-level rootkits can replace normal application binaries with fakes, and they can also change the behavior of applications already on the system.

A tremendous amount of damage can be done to a person's system once it is infested with a malicious rootkit. You must first prevent rootkits from entering your computer, and you must also check whether your machine already has any and delete them.