How to Remove a Rootkit

Posted on July 29th, 2009 by Marck

A rootkit is not harmless on its own: its job is to hide, and to keep a back door open, for viruses and other malware. Because it hooks the machine at its lowest levels (boot code, kernel, operating system, or application libraries), its design and function make it hard to detect and hard to remove. Here are some ways to remove a rootkit from your computer.

Issues With Rootkit Removal

Unlike ordinary viruses and spyware, a rootkit does its work at the lowest levels of the system (application binaries and libraries, the operating system kernel, the boot code) and is built to stay hidden from the running system, including from anti-virus software that relies on the operating system's own file, process and registry listings. Most anti-virus products therefore miss the rootkit itself, even while they detect and remove the viruses and other malware that enter through it.

There are some issues with rootkit removal:

  • Non-hostile rootkits. Some legitimate programs use rootkit-like techniques (disk emulators, copy-protection schemes and some security software also hide files or hook system calls), so a detector that reports every hidden driver will report them too, and you need to tell the two apart before deleting anything.
  • Impracticality and inconvenience. Rootkits are concealed programs that bypass many security settings, and it can take a long time to establish the exact profile of the rootkit and get rid of it completely. Pinpointing and cleaning a rootkit may take longer than expected, and you may be better off simply wiping the drive and reinstalling.

Manual Removal

One way to remove a rootkit is to pinpoint the exact location and attributes of the rootkit and remove it manually. Manual removal takes time, and in most cases it should only be attempted by users who already know the nature, name, and profile of the rootkit they are dealing with:

  1. Create a bootable USB disk with a different, clean operating system. A Linux live image is usually preferred because it is small, boots reliably from USB, and runs none of the suspect system's code.
  2. Restart the computer and boot from the USB disk (change the firmware boot order or use the one-time boot menu).
  3. Once Linux is running, mount the computer's hard disk (read-only at first) and browse that filesystem, not the USB drive's own root directory, to locate the files or directories that contain the rootkit. Because the infected operating system is not running, the rootkit's hooks are not loaded and it cannot hide its files from you.
  4. Delete the rootkit's files manually. Refer to a published analysis of that particular rootkit for the full list of files, drivers and services it installs; removing only the one file you happened to find usually leaves it able to reinstall itself at the next boot.
  5. Restore the registry entries the rootkit modified, remove the ones it added (typically a driver or service entry that loads it at boot), and put back any entries and values it deleted. Since Windows is not running, the registry hives under Windows\System32\config have to be edited with an offline registry editor from the live Linux system.
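As an added example (not from the original post), the following POSIX shell script shows the search in steps 3 and 4 done systematically rather than by eye: from the live Linux system, every file on the mounted volume is hashed and compared against a baseline manifest taken from a known-clean installation of the same version, so patched binaries, dropped-in drivers and deleted files stand out. The mount point (for instance /mnt/win), the existence of such a baseline, and the sample file trees built by demo() are assumptions of the example; the hash comparison itself is the standard offline integrity check, which works precisely because the rootkit's hooks are not running.

```shell
#!/bin/sh
# Offline integrity check for a system volume mounted from a clean live-boot
# Linux. Added example, not code from the original post. Assumptions:
#   - the suspect volume is mounted read-only at some path, e.g. /mnt/win
#   - a baseline manifest of "sha256  ./relative-path" lines exists, made with
#     make_manifest from a known-clean install or trusted installation media
# Because the suspect OS is not running, its rootkit cannot hide files from
# this script; the findings are exactly what the running system would conceal.

# Print "hash  path" for one file; falls back to shasum where sha256sum is absent.
hash_file() {
    if command -v sha256sum >/dev/null 2>&1; then sha256sum "$1"
    else shasum -a 256 "$1"; fi
}

# Produce a sorted manifest of every regular file under $1 ("hash  ./path").
# Paths containing whitespace are not handled (they would split in awk below).
make_manifest() {
    (cd "$1" && find . -type f | LC_ALL=C sort | while IFS= read -r f; do
        hash_file "$f"
    done)
}

# Compare volume $1 against manifest $2 and print one finding per line:
#   MODIFIED ./path  -> content differs from baseline (patched binary/driver)
#   ADDED    ./path  -> not in baseline (candidate rootkit component)
#   MISSING  ./path  -> present in baseline but gone from the volume
check_volume() {
    [ -s "$2" ] || { echo "manifest $2 is empty" >&2; return 1; }
    current=$(mktemp)
    make_manifest "$1" > "$current"
    awk 'NR == FNR { base[$2] = $1; next }
         {
             if (!($2 in base)) print "ADDED " $2
             else if (base[$2] != $1) print "MODIFIED " $2
             delete base[$2]
         }
         END { for (p in base) print "MISSING " p }' "$2" "$current" | LC_ALL=C sort
    rm -f "$current"
}

# Self-contained demonstration on constructed sample trees (no real Windows
# files are touched): a clean reference tree, then a copy of it with one driver
# patched, one extra driver dropped in, and one driver deleted.
demo() {
    clean=$(mktemp -d); suspect=$(mktemp -d); manifest=$(mktemp)
    for r in "$clean" "$suspect"; do
        mkdir -p "$r/Windows/System32/drivers"
        printf 'clean kernel image\n' > "$r/Windows/System32/ntoskrnl.exe"
        printf 'clean disk driver\n'  > "$r/Windows/System32/drivers/disk.sys"
        printf 'clean tcpip driver\n' > "$r/Windows/System32/drivers/tcpip.sys"
    done
    make_manifest "$clean" > "$manifest"
    # Simulate the infection on the suspect copy (constructed, not a real sample).
    printf 'hooked disk driver\n' > "$suspect/Windows/System32/drivers/disk.sys"
    printf 'dropped rootkit\n'    > "$suspect/Windows/System32/drivers/hidden.sys"
    rm -f "$suspect/Windows/System32/drivers/tcpip.sys"
    check_volume "$suspect" "$manifest"
    rm -rf "$clean" "$suspect" "$manifest"
}
```

Against a real disk, mount it read-only first (for example mount -o ro /dev/sda2 /mnt/win, where the device name is an assumption for your machine), generate the manifest once from a clean install of the same version with make_manifest, then run check_volume /mnt/win baseline.txt. MODIFIED hits on the kernel, system DLLs or anything under the drivers directory, and ADDED drivers, are the first things to examine; MODIFIED hits on data files are normal, which is why the baseline should cover only the operating system directories.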

Rootkit Removal Tools

Some programs available from the Web or from computer shops can detect and remove rootkits. They work alongside your existing security tools and anti-virus suite. The remedy is not 100% reliable, though: rootkit developers update their code frequently to keep up with changes in the heuristics and signatures of security software, so a clean result from one tool is not proof that nothing is there.

The easiest and most reliable way to get rid of a rootkit is to back up your data files, wipe the disk and reinstall the operating system from trusted installation media. Wipe the whole disk, including the partition table and boot sector, rather than only formatting the existing partition, since a rootkit that lives in the boot code survives a filesystem format. Afterward, restore only documents and other data from the backup, never programs or system files, because those may carry the infection back onto the clean system.
