rootkit


Also found in: Dictionary, Thesaurus, Medical, Legal, Wikipedia.

rootkit

A type of Trojan that keeps itself, other files, registry keys and network connections hidden from detection. It enables an attacker to have "root" access to the computer, which means it runs at the lowest level of the machine. A rootkit typically intercepts common API calls. For example, it can intercept requests to a file manager such as Explorer and cause it to keep certain files hidden from display, even reporting false file counts and sizes to the user. Rootkits came from the Unix world and started out as a set of altered utilities such as the ls command, which is used to list file names in the directory (folder).

Legitimate Rootkits?
Rootkits can also be used for what some vendors consider valid purposes. For example, if digital rights management (DRM) software is installed and kept hidden, it can control the use of licensed, copyrighted material and also prevent the user from removing the hidden enforcement program. However, such usage is no more welcomed than a rootkit that does damage or allows spyware to thrive without detection. See Trojan.
Mentioned in ?
References in periodicals archive ?
Once the rootkit is detected and removed, the security specialist should identify the specific strings of code and make sure that the code is built into the monitoring system.
Rootkits work at the lowest levels of the operating system (OS) they intend to attack.
The only reliable way to cure a rootkit infection is to re-install the operating system and applications.
Rootkit Detective was developed by Avert(R) Labs, McAfee's top-ranked global security threat and research organization.
These rootkits are implemented as device drivers in Windows platforms and LKM's (Loadable Kernel Modules) in Linux.
This incredibly lightweight and hassle-free solution protects home users' PCs against malware, spyware, rootkits and the latest viruses.
Anti-rootkit module- detects and removes rootkits, which can secretly control a user's computer
Unlike other tools available, Sophos Anti-Rootkit warns if removal of a particular rootkit will impact upon the efficiency or integrity of the infected PC's operating system.
A rootkit is a set of software tools placed on a computer by a third party and intended to conceal running processes, files or system data.
In comparison, a rootkit can function at the operating-system level.
Leading Security Experts to Showcase Dramatic Rootkit Affecting Millions of Laptops
What makes The Mask special is the complexity of the toolset used by the attackers, including an extremely sophisticated malware, a rootkit, a bootkit, Mac OS X and Linux versions and possibly versions for Android and iOS (iPad/iPhone).