Anti-Rootkit Protection in True Protection
Anti-Rootkit Protection
Rootkits are among the most dangerous types of malware because they hide deep within your operating system, often invisible to standard scanning methods. True Protection by Jag includes a dedicated anti-rootkit engine to detect and remove these stealthy threats.
What Are Rootkits?
A rootkit is malicious software that provides continued privileged access to a computer while actively concealing its presence. Rootkits can:
- Hide malicious processes from the task manager
- Conceal files and registry entries from the operating system
- Intercept and modify system calls
- Disable or evade other security software
- Persist through system reboots
How True Protection Detects Rootkits
- Cross-View Analysis: Compares the operating system view of files and processes with a direct disk and memory scan to find discrepancies that indicate hidden items.
- Kernel-Level Inspection: Examines kernel data structures and system call tables for unauthorized modifications.
- Boot Record Analysis: Checks the master boot record and volume boot records for tampering.
- Driver Verification: Validates all loaded drivers against known legitimate signatures.
Running an Anti-Rootkit Scan
The anti-rootkit engine runs automatically during Full System Scans. You can also launch a dedicated rootkit scan from Tools > Anti-Rootkit Scanner. For best results, close all other applications before running this scan, as it performs deep system analysis that works best with minimal interference.