Rootkit Virus

[Saajuk]

There is this program called Rootkit that I have found when scanning my anti virus. During scanning the Word "RootKit" pops up every few seconds. I read that its a type of virus that normal scanners and such wont pick up and will just ignore. Has anyone had this before? How can I get rid of it.

 

[mikeymikec]

It's not so much that anti-virus scanners ignore something, they simply can't detect it (possibly) because the primary aim of a rootkit is to be undetectable.

Screenshot?

 

[Saajuk]

and the word Rootkit pops up every few seconds in the first 5-10 minutes. I might need to reimage but how can I do that w/o the installation disk? My laptop never came with one

 

[seepy83]

From your screenshot, it looks like that is McAfee telling you that it is currently running its rootkit detection part of the scan. It's a progress indicator, not an indication that it has found a rootkit on your system.

 

[Saajuk]

I hope thats the case. Ive never seen that being scanned before but the software has updated itself multiple times within the last couple of weeks so it might be new. What exactly are the indicators of having this Rootkit?

 

[lxskllr]

What exactly are the indicators of having this Rootkit?

If it was made well, absolutely nothing. You might find instability in programs that worked fine previously, or unexplained network traffic.

 

[mikeymikec]

An indicator of a rootkit (apart from an outright detection of it by security software) could be any unusual behaviour (but they are designed to not be detectable, so no symptoms would be ideal as far as the designer's intent is concerned). Rootkit tactics (in my experience) involve either a device driver / system service masquerading as something legitimate or something hijacking the boot process (ie. starting with the boot sector and coupling it with a dodgy driver).

Despite my low opinion of McAfee, I would be surprised if it acknowledged that it had scanned a rootkit but then moved on to the next item to scan.

I agree with seepy83, it's just McAfee's poor choice of wording.

 

[Billb2]

Malwarebytes Anti-Rootkit BETA

http://www.malwarebytes.org/products/mbar/

 

[xgsound]

Your screenshot shows that the A/V is searching for a rootkit; not that it has found one. It is good that it is looking and not found anything.

A rootkits goal is not remain undetected, so to be more assured that there is not a rootkit, install and run rkill and tdsskiller (or your preferred anti-rootkit program) from the following link. http://www.bleepingcomputer.com/download/tdsskiller/ These are the two rootkit detectors that I have found to be most effective.

Jim

 

[nemesismk2]

i use AVG 2014 because it searches for Rootkits

 

[MrColin]

rootkit is a very general term: http://en.wikipedia.org/wiki/Rootkit

 

[Johnny4]

Oshi Unhooker is a lightweight and portable software application that scans your computer for rootkits and attempts to extract and remove them.