Please run a SysProt log for us so we can check your system for rootkit activity. You will need to disable Norton auto-protect while you run the scan, as well as any other antimalware program you may have installed on your PC.Once it is downloaded to your desktop, right click on the SysProt icon, go to properties, and click unblock and apply.Choose log, check all the boxes except show hidden objects only and then scan.You will be able to post the log here using the "add attachments" link just below the orange post button.You can download SysProt from herehttp://homepages.slingshot.co.nz/~crutches/SysProt
Are you asking because you suspect a rootkit on your computer or because you are simply interested in this atrocious phenomenon?
In the first case, please follow mdturner's suggestion.
Rootkits are not all that stealthy. As you can see from looking at some of the threads, the first thing they do is shut down your Norton. It will not scan. You may be prevented from going to security oriented websites. If you try to download MBAM or SAS it will probably not download, or it will not run.
Your computer will soon begin to show the malware that is downloaded by the rootkit. DNSchangers, and rogue antivirus and many others. A rootkit infection is not something you are going to fail to notice. You might not know what it is until confirmed, but there will be no doubt in your mind that you have a serious infection.
You can check out a Wikipedia article on rootkits over here:
From the article of rootkits...it seems to be xtremely DEADLY, worst is that there aren't any ways to remove it. In that case, NIS or Malwarebytes or any rootkits killer would be useless.....
joestay wrote:Oh, I'm just asking because I became interested with it from seeing the post on this forum. So I went and read the wikipedia about rootkit and saw how crazy it could be. What if there's a keylogger or some other program that could not be detected because of the rootkit? I was just wondering how you could tell. Is reformating the hard drive to factory condition remove the rootkit and make the system clean again?
PC_confused wrote: If I've read a lot of these postings correctly, even a complete reformatting of the hard drive might not remove a rootkit infection. I don't know where it could hide, but there must be someplace somewhere. Looks like it's best to wait for a GURU to tell you what program to run, post the results and wait for more instructions. I think that would be the hard part, just waiting..
The posters question was hypothetical!!
Its unlikely that it would go unnoticed. Possibly the rootkit all by itself, but rootkits generally (probably always) download additional malware. So basically if you're connected to the net, you'll notice yourself getting lots of virii, even though you may not be browsing the net or downloading anything yourself.
you'll notice crashes, system slow downs, access right error etc. all that kind of thing. maware is malicious, and malevolent actions never go unnoticed. Most people can't remove rootkits - in fact the vast majority can't, including myself - and so if you have no one who can remove it for you, a low-level format may be able to.
There are currently 6 users online.