What Is A Rootkit
Rootkits according to Wikipedia:
A rootkit is a collection of computer software, typically malicious, designed to enable access to a computer or an area of its software that is not otherwise allowed (for example, to an unauthorized user) and often masks its existence or the existence of other software.
I thought I had one because when I went to reply to some comments from here (or to comment on another site), I would go to the email field, click on it and the auto-fill options would display. A strange email would display that wasn’t mine: correo@ejemplo.com. I thought it was a browser issue but couldn’t find it in any of the saved data. I checked online forums but couldn’t find any suitable solution. So I put the address in a search engine and it would end up at some Spanish websites. I was convinced it was a Spanish email, so I put the words correo and ejemplo in Google Translate. Correo means mail and ejemplo means example. So, in English it’s mail@example.com. Now I understood. It was giving an example of how to format an email address, but in Spanish, so I didn’t understand what it meant. This happens only on a WordPress site.
Some Recommendations
So I found no Rootkit but if you suspect one on your system, here are my recommended scanners:
1. Malwarebytes
Open Malwarebytes. Click on Settings, down the left-hand side, then the Protection tab across the top. In the Scan Options section, click on the little switch by Scan for rootkits if not already on.
This one also scans for Rootkits but I couldn’t find any specific settings that referenced it.
3. TDSSKILLER
Accept the license agreement and statement when starting. It’s recommended to click on Change parameters, then check both Verify file digital signatures and Detect TDLFS file system. Then click OK, and then Start scan.
Make sure all options are checked and click on the Scan Now button.
Just hit the Start Scan button.
I also tried one called aswMBR but it caused my system to Blue Screen so I’m hesitant to recommend it. So, what are your recommendations? Mention your choice in the comments.
—
Well Terry, I rely on KIS and Malwarebytes. Both are registered versions (not the free ones). They work very well together. Highly recommend both as I have used them for many years. The reason we install security software is not to just remove something once you are infected, rather to protect and prevent you from getting infected. Hope this makes perfect sense to all, Mindblower!
Thanks for another excellent tutorial.
Avast Free also does an excellent job of protecting you against Rootkits.
https://www.avast.com/en-us/index#pc
Doesn’t Windows Defender Offline also scan for rootkits? And what about Microsoft’s Malicious Software Removal Tool? Both of these are built into Windows.
Most anti-virus programs should be able to scan for rootkits today. At one time Malwarebytes used to have the rootkit scanner disabled by default. Keep in mind no program, paid or free, is 100% perfect, so it doesn’t hurt to have a second opinion or even a third.