Home      Products      Services      About us      Contact      Publicity      Legal      Wallpapers      TV free online      Spanish  

    Free AntiVirus
     Free AntiSpyware
     Free Firewalls
     Free AntiSpam
     Free AntiDialer
     Free AntiPopup
     Free AntiRootkit
     Free Utilities
     Creator of Image

    Antivirus On line
    AntiHackers Online
    AntiSpyware Online
    Test Ports Online
    Test Speed On line
    Show True IP

    Boot Disk
    Disk Manager
    Tools Antivirus

  Concept of Virus
    Concept of Spyware
    Concept of Hackers
    Concept of Dialers
    Concept of Rootkits
    Concept of Spam
    Concept of Exploit
    Concept of Phishing
    Concept of Hoax

    To buy a PC
    To install Windows

    The Prevention
    The Disinfection
    The Recovery
    Useful indication
    Gmail Hard disk

  Critical Patches
    New Alerts
    The new News


Rootkit it is a set of tools used frequently by the computer science intruders or crackers that is able to accede illicitly to a computer science system. These tools serve to hide the processes and archives that allow the intruder to maintain the access to the system, often with malicious aims. 

There is rootkits for an ample variety of operating systems, as Linux, Solaris or Microsoft Windows. For example, rootkit can hide an application that it connects a console whenever the attacker connects itself to the system to traverse of a certain port.Rootkits of kernel or  nucleus can contain similar functionalities. 

A backdoor can also allow that the processes sent by a user without administrator privileges executes some functionalities reserved solely to the superuser. All type of useful tools to obtain data of illicit form can be hidden by means of rootkits 

¿Which are their objectives? 

They try to conceal to other processes that are carrying out malicious actions in the system . For example,if in the system there is a back door to carry out espionage tasks, the rootkit it will hide the open ports that they expose the communication; or if there is a system to send Spam, it will hide the activity of the mail system.

Rootkits, when being designed to happen unnoticed, they cannot be detected. If a user tries to analyze the system in order to see what processes are being executed, rootkit will show deception, showing all the processes except he himself and those that are hiding.

Or if it is tried to see a listing of the files of a system, rootkit will cause that is that information but hiding the existence of the own file of rootkit and of the processes that it hides.

When the antivirus makes a call to the operating system in order to verify what files it has, or when it tries to find out what processes are in execution,The rootkit will falsify the information and the antivirus will not be able to receive the correct information to carry out the disinfection of the system.

¿How to come up to us? 

A system is necessary that watches not solely the activity of the archives in the disk, but that goes further on. Instead of analyzing the archives byte to byte, it must be watched what they do when executing itself.

Rootkit needs to carry out some tasks that could be considered “typical”, like acquiring rights of root, to modify basic calls to the operating system,To falsify systems of report of information of the system...  All these tasks, one to one, involves little danger. But all of them, meetings and at the same moment, carried out by the same program, they provide clear information that something strange is happening in the computer. If the solutions antivirus fail definitively to the hour to detect rootkit, the new technologies of detection of threats by behavior have their better test of effectiveness in the detection and blockade of rootkits. These technologies previously do not base their operation on conditioners learned on closed patterns of identification of threats. Its success is based on the intelligent investigation and automatic of the situation of a process in a computer.

When a series of actions is carried out on the system and all of them (or, at least, some) they can suppose a risk for the integrity of the information or the correct operation of the machine, a series of factors is evaluated that serve to describe the danger as that task. For example,That a process wants to take rights of administration in a system it(he,she) can be more or less habitual. And it has a certain risk, without a doubt, but it is not necessary to alert for that reason. A simple installer for a game can need to have administrator right to be able to carry out the modifications necessary and to be able to execute itself correctly.

Or for example, it is possible that a determined process must remain hidden, since interaction possibility does not exist, or that a determined process opens a concrete port in communicating, or that registers pulsations of keys. But all those characteristic meetings do that the process it is possible to be considered as a threat and an analysis in depth to be able is necessary to authorize the execution of safe way.

Once infected,  ¿What to do? 

In spite of which it comes saying itself, rootkits can be eliminated (although not so easily). These programs are autoprotegen hiding and avoiding that no other process (as a antivirus) can detect them. But so that that process can be hidden, it must be in activated operation and in memory.

The best way to avoid than the process between in action, it is to avoid the starting of the operating system in the disc in which is rootkit, using a disc different from the one from the infected system; as it can be  CD. Thus, if rootkit is well-known, it will be able to be eliminated. 

Nevertheless, if rootkit is not known (that is to say, that has been developed specifically for a system in concrete), any antivirus will fail. In this case, the computer science problem is almost less important: there is a person who, deliberately, it wants to make damage to its company and it has been bothered in entering the system to harm to him.


1. The AntiSpyware de Microsoft will protect against rootkit of Sony 

Microsoft Windows AntiSpyware (still in phase beta) it will detect and eliminate of our operating system rootkit of Sony. For it it is not necessary to make nothing special, since this functionality will be included in the updates (weekly) of the product, with which as of the week that comes, lthose that they have installed this anti-spyware will have the protected equipment. It can unload it from the connection of unloadings of antispyware

2. Demand to Sony BMG by its technology antipiracy  (Rootkit)

Record Sony BMG has was demanded  (11/2005) by means of a public interest action in California by the consumers who affirm that their computers they have been damaged by software antipiracy of some CDs of this company. 

The demand asserts that  Sony BMG it acted bad when not revealing the true nature of the management system of digital rights that use in their CDs and thousands of users have infected their computers without knowing it, according to documents of the court. 

The denunciation, interposed the 1 of November in Superior court of the Angels , it requests to the cut that protected Sony BMG lets sell CDs additionally with software antipiracy and economic compensations for the Californian consumers who acquired them. 


¿CDS of Sony with Virus?: To think that a company "as "serious" as Sony has put these rootkits in your CDs "to "prevent" them from pirating is scandalous. Now that we can hope of other companies that the prestige of Sony does not have?, perhaps they will have the pretext "If Sony did it because not we?. Any company has all the right to protect its productions and creations, but not to modify - to manipulate the operating system of the user without its consent. 




Recommend     Favorites     This Page Your Start Page     Legal     Contact     About us

 Webstats4U - Web site estadØsticas gratuito

El contador para sitios web particulares