Anti-Rootkit

pappi

Out of curiosity, I ran a beta Malwarebytes Anti-Rootkit scan and found 4 trojans. Upon removal, my laptop is so much faster; I never realized I was slowed down by malware to begin with.

Why were these trojans not picked up by MSE's Real-time Protection and MBAM prior to the anti-rootkit scan? What are rootkits? Why are they named differently from "normal" malware, and why do they require an "anti-rootkit" program for detection and removal?
 

My Computer

System One

  • Manufacturer/Model
    pavilion dv7-1170us
    Memory
    4GB
    Graphics Card(s)
    NVIDIA GeForce 9600M GT
    Monitor(s) Displays
    Generic PnP
    Screen Resolution
    1440 x 900
    Hard Drives
    1 298.09 fujitsu G2 ATA Device
    Keyboard
    IBM enhanced 102-key
    Mouse
    Synaptics PS/2 Port TouchPad

Unlike "normal" malware, a rootkit runs in system address space, sometimes known as kernel mode. This gives this class of malware greater scope for its activities and makes it more difficult to detect. Special techniques must be used.
 


My attempt to understand rootkits led me to user code and kernel code computerese. I gave up.

I'll just run an anti-rootkit scan regularly between "normal" MSE and MBAM scans.
 
