Malwarebytes Anti-Rootkit (MBAR) is a tool designed to detect and remove sophisticated, stealthy forms of malware called “Rootkits”. Rootkits are hidden forms of malware which most normal malware scanning tools cannot detect or remove. Rootkits have the ability to infect the very core or ‘root’ of an operating system and hide the existence of certain processes and malicious programs from normal methods of detection. Rootkits can also enable continued privileged access to a computer to make system level modifications, leaving the system heavily compromised. MBAR provides a comprehensive system scan to check for rootkits that includes drivers, MBRs (Master Boot Records) and VBRs (Volume Boot Records).
Malwarebytes Anti-Rootkit (MBAR) has been tested and proven to be effective against the following types of rootkits:
- Kernel mode drivers hiding themselves, like TDL1, TDL2/TDSS, MaxSS, Srizbi, Necurs, Cutwail, etc.
- Kernel mode driver patchers/infectors, embedding malicious code into core files of an Operating System, such as TDL3, ZeroAccess, Rloader, etc.
- Master Boot Record infectors such as TDL4, Mebroot/Sinowal, MoastBoot, Yurn, Pihar, etc.
- Volume Boot Record/OS Bootstrap infectors like Cidox
- Disk Partition table infectors like SST/Elureon
- User mode patchers/infectors like ZeroAccess.
- And many more!