Of all the nasty, evil, sneaky malware ever to infect millions of computers, the species know as the "rootkit" may well be the nastiest, evilest, and sneakiest. Rootkits are very difficult to detect; even harder to find once their effects have been detected; and eradicating them is extremely difficult.
What Does a Rootkit Do?
When a rootkit payload is executed it may do several sneaky things.
- It may start services running in RAM and hide them from Windows Task Manager or another application that monitors services.
- It may copy its own insidious files over identically named system files, so there's no "new" filename there when you look.
- It may and often does hide the files it writes from your operating system so you can't even see them at all. This trick can even hide rootkits from antivirus software.
0 comments:
Post a Comment