Rootkit - a malicious program that applies different techniques to conceal malicious code and activities from detection and counteracts attempted remediation by antivirus.

Anti-Rootkit technology, part of Kaspersky’s multi-layered, next generation protection, detects active infection by these rootkit programs and remediates systems from this type of infection.

In most cases, a rootkit includes a driver (or chain of drivers), functions in kernel mode, and performs some or all of the following functionality:

- Concealing of files on storage (HDD), Windows registry keys and values, processes in the system, loaded modules, memory regions (in case of fileless malware), network activities, disk sectors, and other objects and artefacts.
- Counteractions against modification and/or elimination of the rootkit by antivirus in case of detection, including restoring changed ones.
- Provision of access to the OS kernel for malicious code/applications (for the sake of antivirus process termination), injection of malicious code into legitimate processes, interception of network traffic (sniffing), interception of key presses (keylogging), etc.