Computer security: what is a rootkit?

It was good for the first users of computers and the Internet. They did not know the meaning of the words virus, trojan, spy, worm, rootkit, etc. More precisely, they knew such words, but not with computers. Now everything has changed, and this is only the tip of the iceberg of the dangers that await us and our devices. A significant part of the problems for computer security, about 50% in the corporate sector, are created by rootkits. Let's try to figure out what a rootkit is and how to deal with it.

Of course, if your computer is installed at home and works only to meet personal needs, then the likelihood that it will interest intruders and they want to install any spyware module on it is very small. But to date, many users use their personal devices as a financial tool: to manage bank accounts, electronic money and money transfer. Therefore, the danger increases, and the rootkit virus plays an important role in it.

And yet, what is a rootkit? The word itself comes from the English expression root kit, which means "a set of tools for obtaining administrator privileges." Every more or less advanced computer user knows that any operating system delimits the possibility of access to various of its components. And it can only use and change directories and files that do not affect the entire system. Full authority over the OS is the administrator. Proceeding from this, it becomes clear that ordinary users of intruders are not interested. They are interested in administrator rights and they do everything in order to have them.

In addition, we, as well as software manufacturers, often contribute to this. Most programs can be installed only with administrator rights, which is what "bad" people use, placing malicious code in the software, the same rootkits. Once in the system, they easily intercept its functions, disguised. Their activities look like simple work of various services. Remaining invisible, they install their drivers, other elements, completely seize power over the system and deploy subversive activities. Here we are and figured out what a rootkit is.

To detect a rootkit virus, it can be removed, but for this purpose it is desirable to use specialized software, since although many known antiviruses have a module for catching these malware, it does not always work.

Many experts on computer security offer for this purpose a free program Sophos Anti-Rootkit, developed by Sophos. It is intended for high-quality catching of these carriers of malicious code. After installing it, we start and conduct the initial full scan of all directories, so that there are no doubts about the presence / absence of pests in the system. It is recommended that you do this regularly. When the rootkit is detected, the Cleanup checked items button appears, with which we destroy the enemy. Like any similar software, this program does not give 100% guarantee, but in combination with other anti-virus software provides a fairly reliable protection of computer equipment.

Having determined what a rootkit is, we figured out with one of the ways to combat this infection. If you want, you can find other programs, both paid and free. But the main thing is to be cautious when traveling the Internet!