Wednesday, November 7, 2012

Get rid of a Rootkit (*free software included*)


I noticed for the past month that every time I clicked on a link on Google, it would send me to a different site randomly. I ran Malwarebytes and noticed I had a ROOTKIT, so I did the whole deletion thing, but again it would be back. I realized through research that a rootkit is pretty hard to get rid of.....


-----------------------------------------------------------
What is a ROOTKIT?
A rootkit is a stealthy type of software, often malicious, designed to hide the existence of certain processes or programs from normal methods of detection and enable continued privileged access to a computer.[1] The term rootkit is a concatenation of "root" (the traditional name of the privileged account on Unix operating systems) and the word "kit" (which refers to the software components that implement the tool). The term "rootkit" has negative connotations through its association with malware.[1]
Rootkit installation can be automated, or an attacker can install it once they've obtained root or Administrator access. That access is usually the result of a direct attack on the system (e.g. exploiting a known vulnerability, or obtaining a password by cracking, privilege escalation, or social engineering). Once installed, the rootkit can hide the intrusion as well as maintain privileged access. The key is the root/Administrator access: full control over a system means that existing software can be modified, including the software that might otherwise be used to detect or remove the rootkit.
Rootkit detection is difficult because a rootkit may be able to subvert the software that is intended to find it. Detection methods include using an alternative and trusted operating system, behavioral-based methods, signature scanning, difference scanning, and memory dump analysis. Removal can be complicated or practically impossible, especially in cases where the rootkit resides in the kernel; reinstallation of the operating system may be the only available solution to the problem. When dealing with firmware rootkits, removal may require hardware replacement, or specialised equipment.
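The "difference scanning" method mentioned above is easy to try yourself: hash every file on a known-clean system, store that baseline, then hash again later and compare. Anything added, removed or changed that you did not do is worth a closer look. The script below is an added example written for this post, not code from Kaspersky or Malwarebytes; the directory tree, file names and contents in `demo()` are constructed for the demonstration. The important caveat, following from the paragraph above, is that a kernel-level rootkit can lie to any scanner running on the infected system, so the baseline and the later scan should be taken while the disk is mounted from a trusted alternative operating system (a rescue CD/USB), not from the possibly compromised install.

```python
# Added example: a minimal file-hash "difference scan". This is not the post's
# tooling (TDSSKiller / Malwarebytes); paths and contents in demo() are constructed.
import hashlib
import os
import tempfile
from pathlib import Path
from typing import Dict, List


def hash_file(path: Path, chunk_size: int = 65536) -> str:
    """SHA-256 of a file, read in chunks so large binaries are not loaded whole."""
    digest = hashlib.sha256()
    with path.open("rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            digest.update(chunk)
    return digest.hexdigest()


def build_baseline(root: Path) -> Dict[str, str]:
    """Map each regular file under root (relative POSIX path) to its SHA-256.

    Symlinks and non-regular files are skipped so a link pointing outside the
    tree cannot make two snapshots look the same (or different) by accident.
    """
    baseline: Dict[str, str] = {}
    for dirpath, _dirnames, filenames in os.walk(root):
        for name in filenames:
            path = Path(dirpath) / name
            if path.is_symlink() or not path.is_file():
                continue
            baseline[path.relative_to(root).as_posix()] = hash_file(path)
    return baseline


def diff_baselines(before: Dict[str, str], after: Dict[str, str]) -> Dict[str, List[str]]:
    """Classify every path as added, removed or modified between two snapshots."""
    common = before.keys() & after.keys()
    return {
        "added": sorted(after.keys() - before.keys()),
        "removed": sorted(before.keys() - after.keys()),
        "modified": sorted(p for p in common if before[p] != after[p]),
    }


def demo() -> Dict[str, List[str]]:
    """Constructed scenario: snapshot a tree, tamper with it, snapshot again."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        (root / "drivers").mkdir()
        (root / "drivers" / "disk.sys").write_bytes(b"constructed: original driver bytes")
        (root / "hosts").write_text("127.0.0.1 localhost\n")
        before = build_baseline(root)

        # Constructed tampering: one file edited, one new file dropped, one deleted.
        (root / "hosts").write_text("127.0.0.1 localhost\n203.0.113.5 example.test\n")
        (root / "drivers" / "evil.sys").write_bytes(b"constructed: unknown driver bytes")
        (root / "drivers" / "disk.sys").unlink()
        after = build_baseline(root)

        return diff_baselines(before, after)


if __name__ == "__main__":
    for kind, paths in demo().items():
        print(f"{kind:9s} {paths}")
```

Two things this simple scan cannot see: a rootkit that patches code only in memory (the "memory dump analysis" method above covers that case), and files the rootkit hides from the operating system you run the scan from, which is why the offline boot matters. It also only flags changes; deciding whether a changed file is a legitimate update or an implant is still a manual step.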

-------------------------------------
Thankfully I didn't have a serious rootkit problem, so what I used is:

Kaspersky TDSSKiller (free)
Malwarebytes (free)

I used both of them (FULL SCAN) to rid myself of the problem, and since then there hasn't really been anything suspicious. It worked pretty well for me, so try it for yourselves. It's always worth a try, right?


Tips: For future protection
  1. Run FULL scans on a weekly basis, and run quick scans whenever you can.
  2. Tighten your security measures: keep the operating system, browser and scanners patched (rootkit installers commonly get in through known vulnerabilities, as noted above), and use a standard user account for day-to-day work so that malware does not get the Administrator access a rootkit depends on.
  3. Avoid downloading files from sketchy websites.
  4. Research software before downloading it.
  5. Clear your history, cookies and temp files (weekly). This cleans up tracking data and clutter, but it will not remove or prevent a rootkit on its own.
  6. If the symptoms keep coming back after repeated full scans, assume the rootkit sits deeper than the scanners can reach and reinstall the operating system from known-good media, as described above.

If you have any questions, leave it in the comment section below.