Beware of RootKit Technology

By Nova. Posted in Computer

The information technology world needs to be vigilant. Rootkit technology, which has the same capabilities as the operating system, has been used to bring viruses into computers.

A rootkit is software designed specifically to manipulate the operating system, right down to the hardware.

According to antivirus specialist Anvie Anzav, rootkits have access rights higher than an administrator's, the same as the operating system. “Initially rootkits were created to help restore a lost administrator password, but they have been misused to do damage, create viruses, and even make a bomb,” said Anvie at the Indonesia Hacking and Security Conference at the Jakarta Convention Center (JCC), Saturday (15/11).

Anvie says rootkits can make an object invisible (stealth). Virus creators use this function to hide the virus itself so that it is not detected by antivirus software. Rootkits can also use access rights higher than the administrator's, equal to those of the operating system, so they can do everything the operating system can do.

The most extreme impact of rootkits is that a computer can explode if a virus with rootkit technology can order the hardware, for example the processor, to do whatever it wants. “The rule is that the operating system provides standard access to the processor, which cannot exceed the limit on the rotation speed it works at. So rootkits can use the processor without the permission of the operating system. It can tell the processor to rotate continuously at high speed, and the rotation never finishes, finally there is the sound of a gunshot, and it explodes!” Anvie said.

Difficult to detect

Viruses that fully use rootkits are difficult for antivirus software to detect; in some cases, a computer infected by a full rootkit virus will even refuse when the user tries to install antivirus software.

This is influenced by how rootkits work, for example Direct Kernel Object Manipulation (DKOM), where objects in memory are manipulated. “When a process is running, the rootkit removes the object, so the operating system does not know there are processes that are running. Or when it is deleted, the rootkit diverts the command,” said Anvie.

So how can they be overcome? Anvie says rootkits can be detected by making a simple comparison between the object and raw views, and by accessing the dump (data) of physical memory directly.
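The comparison described above, as an added Python example that is not from the original article or from Anvie's talk: it walks a linked list of process records (the object view), scans the same memory for record signatures (the raw view), and reports what only the raw view contains. The record layout, offsets, PIDs and names are constructed for illustration and do not match any real kernel structure.

```python
import struct

# Constructed record layout (an assumption, not a real kernel structure):
# magic, pid, flink, blink, 16-byte name
REC = struct.Struct("<4sIII16s")
MAGIC = b"PROC"

# Constructed sample records: (offset, pid, flink, blink, name)
SAMPLE = [
    (0x040, 4,    0x0A0, 0x160, b"System"),
    (0x0A0, 412,  0x160, 0x040, b"services"),
    (0x100, 1337, 0x100, 0x100, b"unlinked"),  # present in memory, not in the list
    (0x160, 2040, 0x040, 0x0A0, b"explorer"),
]

def build_image():
    """Build the constructed 'physical memory dump' as a flat byte string."""
    img = bytearray(0x200)
    for off, pid, flink, blink, name in SAMPLE:
        REC.pack_into(img, off, MAGIC, pid, flink, blink, name)
    return bytes(img)

def object_view(img, head):
    """Object view: follow forward links from the list head, as an OS query would."""
    found, visited, off = {}, set(), head
    while off not in visited and 0 <= off <= len(img) - REC.size:
        visited.add(off)
        magic, pid, flink, _blink, name = REC.unpack_from(img, off)
        if magic != MAGIC:
            break
        found[pid] = name.rstrip(b"\0").decode()
        off = flink
    return found

def raw_view(img):
    """Raw view: scan the whole dump for record signatures, ignoring the links."""
    found, off = {}, img.find(MAGIC)
    while off != -1 and off <= len(img) - REC.size:
        _magic, pid, _flink, _blink, name = REC.unpack_from(img, off)
        found[pid] = name.rstrip(b"\0").decode()
        off = img.find(MAGIC, off + 1)
    return found

def cross_view_diff(img, head):
    """Records that exist in raw memory but are missing from the object view."""
    listed, raw = object_view(img, head), raw_view(img)
    return {pid: raw[pid] for pid in sorted(raw.keys() - listed.keys())}

if __name__ == "__main__":
    print(cross_view_diff(build_image(), head=0x040))
```

On a real dump a raw scan also turns up records left behind by exited processes, so a difference between the two views is a lead to examine, not proof of hiding.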

Tools that can help include, among others, IceSword and RootkitRevealer. However, according to Anvie, IceSword is a supporting application that can only remove ordinary rootkits. If a stubborn, aggressive rootkit gets in, the entire operating system can be blocked so that nothing can be done on the computer. So what should one prepare? “You prepare with black magic,” said Anvie with a laugh.
