Hit Any Key...

[HOME]2:53 PM December 27, 2019

Rootkits

Rootkits according to Wikipedia: https://en.wikipedia.org/wiki/Rootkit

"A rootkit is a collection of computer software, typically malicious, designed to enable access to a computer or an area of its software that is not otherwise allowed (for example, to an unauthorized user) and often masks its existence or the existence of other software."

I thought I had one because when I went to reply to some comments from here (or to comment on another site), I would go to the email field, click on it and the auto-fill options would display. A strange email would display that wasn't mine; correo@ejemplo.com. I thought it was a browser issue but couldn't find it in any of the saved data. I checked forums on-line but couldn't find any suitable solution. So I put the address in a search engine and it would end up at some Spanish websites. I was convinced it was a Spanish email so I put the words correo and ejemplo in Google translate. Correo means mail and ejemplo means example. So in English it's mail@example.com. Now I understood it. It was giving an example on how to format a email address, but in Spanish, so I didn't understand what it meant. This seems to happen only on Wordpress site.

email-field-correo-at-ejemplo

So no rootkit but if you suspect one on your system, here are my recommended scanners.

1. Malwarebytes https://www.malwarebytes.com/

malwarebytes-settings-protection-scan-for-rootkits

Open Malwarebytes. Click on the Settings, down left hand side, then Protection tab across the top. In the Scan Options section click on the little switch by Scan for rootkits if not on.

2. Superantispyware https://www.superantispyware.com/

This one also scans for rootkits but I couldn't find any specific settings that references it.

3. TDSSKILLER https://support.kaspersky.com/viruses/utility#TDSSKiller

kaspersky-tdsskiller-change-parameters

Accept the license agreement and statement when starting. It's recommended to Click on Change parameters then check both Verify file digital signatures and Detect TDLFS file system. Then OK and then Start scan.

kaspersky-tdsskiler-additional-options

4. Trend Micro http://downloadcenter.trendmicro.com/index.php?regs=NABU&clk=latest&clkval=355&lang_loc=1

trend-micro-rootkit-buster

Make sure all options are checked and click on the Scan Now button

5. BootkitRemoval https://labs.bitdefender.com/2013/02/rootkit-remover/

bitdefender-removal-tool

Just hit the Start Scan button.

I also tried one called aswMBR but it caused my system to Blue Screen so I'm hesitant to recommend it. So, what are your recommendations. Mention your choice in the comments.