It doesn’t appear to be doing anything.
Okay, here’s the sitch. Being a good boy, I have multiple anti-malware programs running on my personal laptop. These include the for-pay version of AVG Anti-virus and the free version of Trend Micro Rootkit Buster, as well as a couple of different anti-spyware programs. I update and scan all of them at least once a day, as well as avoiding downloading bit-torrents and other such risky files. I tend to run AVG’s anti-rootkit feature manually, as the program advises me to minimize computer use while it’s running.
Looking over the AVG log, I notice a pattern. When run by itself, the AVG rootkit killer has not found any problems it did not resolve in several months. But if I run Trend Micro Rootkit Buster immediately before running the AVG rootkit killer, it often finds a hidden driver it describes thus:
“Object name”;“C:\Windows\system32\DRIVERS mcomm.sys”
“Detection name”;“Hidden driver”
“Result”;“Object is hidden”
When I see this I always follow the directions, including the immediate reboot. If I run both AVG and Trend Micro immediately after the reboot the system seems to be clean. Nonetheless, AVG often, but not always, reports the presence of the above-referenced rootkit when I run the RootkitBuster & AVG in sequence as I have just described.
My system seems to be running fine. I’m not experiencing any hijacks in any of my three browsers (I use Firefox most of the time, Explorer for a few, and Chrome for a few others). Other than the anti-malware stuff, programs I use most often are, in no particular order, Excel, PowerPoint, Word, RealPlayer, MS Media Player, and the Shorter OED, and the browsers; none of them is acting in any way peculiar. In general, every program on the system runs quickly and smoothly.
Should I care about this hidden driver?
ETA: I also run Windows Update daily and am certain everything is current there. My operating system is Vista Home Premium, and the personal laptop is a Toshiba Satellite L305.