Waldo,

I think what Pk is trying to convey to you is that “rootkits” are user “injected” meaning that the user must first consciously download them.

I don’t know of any occurrence when such a file was used by a hacker to gain control of a computer.

Since they are not truly “viruses” (and they aren’t…more worms), most AVs do not deter their download.

Also, since “rootkits” can have so many different names, it would be very tedious to add the “respective exe” to the Blocker list.

The whole matte lies best with a good firewall that will block unauthorized access to the internet.
As you saw, ZA Pro detected the access attempt.
True, the freeware version did not, but the old saying goes “You get what you pay for”.

techie101