AVG Internet Security 2011 © 2010 Copyright AVG Technologies CZ, s.r.o. All rights reserved.
7.12. Anti-Rootkit
A rootkit is a program designed to take fundamental control of a computer system,
without authorization by the system's owners and legitimate managers. Access to the
hardware is rarely required as a rootkit is intended to seize control of the operating
system running on the hardware. Typically, rootkits act to obscure their presence on
the system through subversion or evasion of standard operating system security
mechanisms. Often, they are also Trojans, thus fooling users into believing
they are safe to run on their systems. Techniques used to accomplish this can include
concealing running processes from monitoring programs, or hiding files or system data
from the operating system.
7.12.1. Anti-Rootkit Principles
AVG Anti-Rootkit is a specialized tool that detects and effectively removes dangerous
rootkits, i.e. programs and technologies that can camouflage the presence of malicious
software on your computer. AVG Anti-Rootkit is able to detect rootkits based on a
predefined set of rules. Please note that all rootkits are detected (not just the
infected ones). If AVG Anti-Rootkit finds a rootkit, it does not necessarily mean the
rootkit is infected. Sometimes, rootkits are used as drivers or they are part of
legitimate applications.
7.12.2. Anti-Rootkit Interface
The Anti-Rootkit user interface provides a brief description of the component's
functionality, shows the component's current status, and reports the last time the
Anti-Rootkit test was launched (Last rootkit search). The Anti-Rootkit dialog also
provides the Tools/Advanced Settings link. Use the link to open the environment for
advanced configuration of the Anti-Rootkit component.