An antivirus scans the files and processes on your Microsoft Windows computer to detect signatures characteristic of malware, or to flag it via intelligent heuristic methods. Unfortunately, a rootkit virus is coded to mask its presence, either by hiding its files from the scanner or by actively refusing file access when the scanner requests it. Most of the time rootkits are able to sneak into the system, and when they do, they tend to embed themselves deep inside it.
What Is A Rootkit Virus?
A rootkit is a stealthy type of software designed to hide the existence of certain processes or programs from normal methods of detection and to enable continued privileged access to a computer. Rootkit detection is difficult because a rootkit may be able to subvert the software that is intended to find it. In most cases, you will need special antivirus software to root out the virus. Wikipedia has more on rootkits.
How To Know If My Windows Is Infected With A Rootkit?
The only way to know is to download one of these anti-rootkit detection tools. In some cases the rootkit virus has found a way to disable your antivirus; when that happens, the best method to clean your system is to perform a scan via DOS.
Preparation Before Cleaning The System
Rootkit detectors are a specific class of antivirus programs. Most of the time you are required to disable the ‘System Restore’ feature, boot into safe mode via F8, and then perform the cleaning.
My favorite is McAfee Rootkit Detective. It is always up to date, simple and easy to use. If you suspect your system is infected yet the genuine antivirus doesn’t show any sign that your Microsoft Windows is contaminated, do try the following anti-rootkit software.
Download 15 Anti-Rootkit Tools
- Avira AntiRootkit Tool
- Avast! Antirootkit
- Helios Lite
- McAfee Rootkit Detective (Favorite, Best)
- Radix Antirootkit software
- Dr. Web DwShark
- F-Secure Blacklight
- Sophos Anti-Rootkit
- Rootkit Hook Analyzer
- Panda Anti-Rootkit (Online Anti-Rootkit)
- Panda Anti-Rootkit (Offline, discontinued)
- Rootkit Buster from TrendMicro
- AVG Anti-Rootkit (Discontinued)
- Windows Malicious Software Removal Tool
- Hypersight Rootkit Detection
How Do I Use These Antirootkits?
As with any critical task, always do a full backup of your files, preferably to an external hard disk. With so much freeware available, don’t pay for anti-rootkit software unless you are sure the paid version can remove the specific rootkit virus that has infected your system. McAfee is by far one of my favorites, and seeing that Norton, being the biggest security company, has almost no free software, not even a simple rootkit detector, I am somewhat disappointed.
- Back up your data
- Disable “System Restore” in Windows. Read: How to Enable and Disable System Restore
- Boot into ‘Safe Mode’ for Windows by hitting F8 during bootup
- Perform a deep scan to detect and remove the rootkit virus