[KB3436] Install ESET Rootkit Detector (Beta) for Mac OS X and run a scan

Issue

  • OS X Mavericks (10.9) is not currently supported by ESET Rootkit Detector (Beta)

Details

A rootkit is a type of malicious program designed to hide and protect malware running on an infected system. Rootkits may be used to hide malicious files, folders, processes or registry keys so that malware removal tools and manual cleaning cannot detect or remove them. Rootkits can also change the behavior of the infected operating system and introduce additional malware into the system.

Since a rootkit can embed itself deep in the operating system, removal can be difficult without the aid of a tool capable of detecting and removing rootkits. Rootkits are frequently used in combination with other malware to hide the malware from users and security products. If you suspect that your system running Mac OS X might be infected with a rootkit, you can use ESET Rootkit Detector (Beta) to scan your Mac.

Solution

  1. Download the application and save it to your Desktop.
     
  2. When the download is complete, double-click the program file to begin installation. Read the End User License Agreement and then click Agree.
  3. Click Scan to begin scanning your system.


Figure 1-1

  4. Enter your administrator username and password and then click OK.


Figure 1-2

  5. If the application does not detect any rootkits on your system, No rootkits detected will be displayed.


Figure 1-3

  6. If the application detects a rootkit on your system, press Cmd + click (or right-click) the threat and then select Show details from the context menu. We recommend that you leave Submit report to ESET selected so that we can analyze the sample and add it to our detection engine.


Figure 1-4

  7. To remove the rootkit from your system, press Cmd + click (or right-click) the threat and select Unload Kernel Extension from the context menu.


Figure 1-5

  8. Click OK to confirm and then click Rescan. If your system is clean, No rootkits detected will be displayed.