Rootkits are malicious programs that grant Internet attackers unlimited access to a system, while concealing their presence. Rootkits, after accessing a system (usually exploiting a system vulnerability), use functions in the operating system to avoid detection by antivirus software: they conceal processes, files and Windows registry data. For this reason, it is almost impossible to detect them using ordinary testing techniques.
When it comes to rootkit prevention, you must remember that there are two levels of detection:
-
When they try to access a system. They are still not present, and are therefore inactive. Most antivirus systems are able to eliminate rootkits at this level (assuming that they actually detect such files as being infected).
-
When they are hidden from the usual testing. Users of the ESET antivirus system have the advantage of Anti-Stealth technology, which is also able to detect and eliminate active rootkits.