A rootkit is a type of program that hides itself deep inside the operating system in order to run malicious or nuisance programs, such as pop-up generators, adware, or spyware.
Most security solutions cannot detect and remove them, because the rootkit is deeply hidden in the operating system and exists as a set of fragments. If any of the associated fragments is missed during cleanup, the rootkit can reactivate itself.
Generally a virus scan is run to remove the virus program, but the rootkit can execute again after the operating system is restarted, so the problem is not completely solved. To solve it, the rootkit must be eradicated at its root, that is, at the source of the malicious program.
Kernel-mode rootkits usually attack the operating system's file system. To detect known and unknown kernel-mode rootkits, you must access the raw volume directly and perform a clean boot to remediate them.
Symantec Norton 2007 uses Veritas's VxMS (Veritas Mapping Service) technology component to access the raw NTFS volume directly, bypassing the Windows file system APIs (application programming interfaces). This enables Norton's anti-spyware software to detect and remediate rootkits running at the driver level. Symantec also uses its latest heuristic detection for effective defense against unknown rootkits.
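The raw-volume approach described above is a cross-view check: names read straight from the NTFS master file table are compared with what the file system API reports, and anything the API never listed is a suspect. The following is an added illustration, not Symantec's or VxMS's code; it builds constructed 1024-byte MFT records (assumed record size, one $FILE_NAME attribute each, with real NTFS fixup handling) and a constructed API listing.

```python
import struct
REC, SECTOR = 1024, 512   # MFT record size and fixup sector size assumed here

def build_mft_record(name, in_use=True):
    # Constructed minimal NTFS FILE record holding one resident $FILE_NAME (0x30) attribute.
    value = b"\0" * 0x40 + bytes([len(name), 3]) + name.encode("utf-16-le")  # name length/namespace at 0x40
    value += b"\0" * (-len(value) % 8)
    attr = struct.pack("<IIBBHHHIHBB", 0x30, 24 + len(value), 0, 0, 0, 0, 0, len(value), 24, 0, 0) + value
    attr += struct.pack("<I", 0xFFFFFFFF)                      # end-of-attributes marker
    hdr = struct.pack("<4sHHQHHHHIIQH", b"FILE", 0x30, 3, 0, 1, 1, 0x38,
                      1 if in_use else 0, 0x38 + len(attr), REC, 0, 2)
    rec = bytearray(hdr.ljust(0x38, b"\0") + attr).ljust(REC, b"\0")
    usn, usa = 0x0101, struct.pack("<H", 0x0101)
    for s in range(1, REC // SECTOR + 1):                      # NTFS fixups: last word of each sector
        usa += bytes(rec[s * SECTOR - 2:s * SECTOR])           #   is saved to the update sequence array
        rec[s * SECTOR - 2:s * SECTOR] = struct.pack("<H", usn)  #   and replaced by the USN on disk
    rec[0x30:0x30 + len(usa)] = usa
    return bytes(rec)

def raw_view_names(image):
    # Raw-volume view: walk MFT records, undo fixups, skip unused records, read $FILE_NAME.
    names = set()
    for off in range(0, len(image) - REC + 1, REC):
        rec = bytearray(image[off:off + REC])
        if rec[:4] != b"FILE":
            continue
        usa_off, usa_cnt = struct.unpack_from("<HH", rec, 4)
        for i in range(1, usa_cnt):
            rec[i * SECTOR - 2:i * SECTOR] = rec[usa_off + 2 * i:usa_off + 2 * i + 2]
        attr_off, flags = struct.unpack_from("<HH", rec, 0x14)
        if not flags & 1:                                      # record not in use (deleted file)
            continue
        while attr_off + 8 <= REC:
            atype, alen = struct.unpack_from("<II", rec, attr_off)
            if atype == 0xFFFFFFFF or alen == 0:
                break
            if atype == 0x30:
                base = attr_off + struct.unpack_from("<H", rec, attr_off + 0x14)[0]
                nlen = rec[base + 0x40]
                names.add(rec[base + 0x42:base + 0x42 + 2 * nlen].decode("utf-16-le"))
            attr_off += alen
    return names

def cross_view_hidden(api_listing, mft_image):
    # Names on the raw volume that the file API never reported are the rootkit suspects.
    return sorted(raw_view_names(mft_image) - set(api_listing))

API_VIEW = ["notepad.exe", "report.docx"]                      # constructed: what the (hooked) API reports
MFT_IMAGE = b"".join(build_mft_record(n) for n in API_VIEW + ["hidden.sys"]) + build_mft_record("old.tmp", False)
print(cross_view_hidden(API_VIEW, MFT_IMAGE))                  # ['hidden.sys']
```

A deleted record (in-use flag clear) is deliberately ignored so that ordinary leftover entries are not reported as hidden.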
Latest rootkit detection results (Source: Thompson Cyber Security Labs)