Top 3 Tools To Remove Rootkits

Top 3 Tools To Remove Rootkits and Prevent Them from Infecting Your PC


I may have a rootkit, how do I get rid of it?

If you suspect you have been infected, there are a few steps you can do. First, run a regular virus scan. The simplest ones can be removed with the most up-to-date antivirus programs. The scans can be run in safe or regular mode, however true rootkits may not show up easily. A better option is to use specialized rootkit detectors like the ones below.


1. TREND MICRO ROOTKIT BUSTER

Trend Micro makes a small but powerful Rootkit Buster that scans your computer’s system folders and Master Boot Records (MBR) for rootkits. It allows you to perform a selective target scan for different locations such as Registry Keys and File Streams.





2. SOPHOS ANTI-ROOTKIT

Sophos makes the free Anti-rootkit application that is a simple yet powerful tool for both new users and experienced ones. It provides a graphical and a command line user interface that allows selective operation. The scanner checks the entries it finds with those in its database and provides with detailed information on them. It is also available for a large variety of platforms.





3. MICROSOFT ROOTKIT REVEALER

Microsoft also makes its Rootkit Revealer that uses advanced tactics such as name hopping to stop smart rootkits from recognizing the scan and hiding. It however does not include a command-line interface like Sophos anti-rootkit.




It is best if these are run when the computer is disconnected from all networks. A more complex option is to run a boot disk/drive that will start your computer independently and allow you to scan hard drives and boot records.

If you have no other alternative, then a format and re-install of your operating system may be in order. This will not affect computers with an infected BIOS; however such infections are rare and cannot be contracted through ordinary means. They can only be removed by experts.


So how do I protect my PC?

It is said that an ounce of prevention is better than a pound of cure. Needless to say that all conventional methods for protecting a computer against viruses must be practiced anyway, but additionally, the user can take the following steps:

* Install software only from trusted sources. Non-essential programs should be locally installed
for the user so that they do not have access to system spaces.

* A strong firewall will make it harder for an external attacker to make use of an infected
computer.

* Regular scans of the computer will ensure any problems are nipped in the bud.

Rootkits will continue to be a threat with the spread of the internet to all corners of the world. A little safe computing and knowledge will keep your forearmed.


Also read, What is a rootkit?


-

Nice post buddy. Stickied.

Just a quick note that we use TDSSKILLER from Kaspersky and NORMAN TDSS cleaner and work very well.

Ive only recently used TDSSKILLER myself and it found one problem but i think before removing what any of these find it should be looked into detail first as it could delete something related to running the computer. I deleted a false positive and had to do a system repair with the recovery disc.