VirTool:WinNT/Rootkitdrv.HQ

Detected by Microsoft Defender Antivirus

Aliases: Rootkit.Win32.Agent.bipu (Kaspersky) Rkit/Agent.bipu (Avira) Trojan.KillProc.KP (BitDefender) RootKit.Win32.Agent.GEN (Rising AV) Rootkit.Win32.Undef.cuo (Rising AV)

Summary

VirTool:WinNT/Rootkitdrv.HQ is a kernel-mode malicious rootkit driver. It is used to delete a specific file, modify registry keys to prevent processes from executing, and terminate processes.

To detect and remove this threat and other malicious software that may be installed in your computer, run a full-system scan with an up-to-date antivirus product such as the following:

Microsoft Security Essentials
Microsoft Safety Scanner

For more information on antivirus software, see http://www.microsoft.com/windows/antivirus-partners/.

VirTool:WinNT/Rootkitdrv.HQ

Summary

What to do now

Technical information

Threat behavior

Installation

Payload

Prevention

Symptoms