This is a quick post on free rootkit removal. I get 5-10 emails a day on how to remove rootkits, so I'm hoping this will answer a few of those.
Rootkits can be removed for free with:
1. A bootable antivirus disc (like the Avira free rescue CD). Rootkits reside in the system32 folder, so make sure you scan the entire folder from the bootable disc environment (this method is by far my favorite).
2. GMER, which can be downloaded from http://www.gmer.net/. Using GMER is pretty simple: start it, run a scan, then disable or remove anything that is RED.
3. RootRepeal. It's a free rootkit removal tool and can be downloaded from http://rootrepeal.googlepages.com/
4. UnHackMe. Another free rootkit removal tool.
5. ComboFix. Features a userland rootkit detector. Typically works best on XP. Not for the inexperienced.
My rootkit removal video will demonstrate each of the above methods.
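Method 1 works because, with the infected Windows not running, the rootkit's hiding hooks are not active and a plain directory walk sees every file. The following script is an added example, not part of the original post or of any of the tools above: it walks an offline system32 tree, lists files modified within a chosen window, hashes them with SHA-256, and flags the ones that are unknown to a known-good baseline, so you have a short list to check against a scanner instead of the whole folder. The `run_demo` function builds a constructed three-file tree in a temporary directory to stand in for a mounted volume; in real use you would call `recently_modified` on the rescue environment's mount point (for example `/mnt/windows/Windows/System32`, an assumed path) and feed in a baseline of hashes from a clean install.

```python
"""Offline triage of a mounted Windows system32 folder (added example)."""
import hashlib
import os
import tempfile
import time
from dataclasses import dataclass
from pathlib import Path
from typing import Dict, List, Optional

DAY = 86400  # seconds


@dataclass
class Finding:
    path: str        # path relative to the system32 root, POSIX separators
    modified: float  # mtime as epoch seconds
    sha256: str


def sha256_bytes(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def sha256_file(path: Path, chunk: int = 1 << 16) -> str:
    h = hashlib.sha256()
    with path.open("rb") as fh:
        for block in iter(lambda: fh.read(chunk), b""):
            h.update(block)
    return h.hexdigest()


def recently_modified(root: Path, days: int, now: Optional[float] = None) -> List[Finding]:
    """Walk an offline system32 tree and hash every file modified within `days`, newest first."""
    now = time.time() if now is None else now
    cutoff = now - days * DAY
    findings: List[Finding] = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            p = Path(dirpath) / name
            try:
                st = p.stat()
            except OSError:
                continue  # unreadable or vanished entry: skip it, do not abort the sweep
            if st.st_mtime >= cutoff:
                findings.append(Finding(p.relative_to(root).as_posix(), st.st_mtime, sha256_file(p)))
    findings.sort(key=lambda f: f.modified, reverse=True)
    return findings


def not_in_baseline(findings: List[Finding], baseline: Dict[str, str]) -> List[Finding]:
    """Keep findings whose path is unknown to the baseline or whose hash differs from it."""
    return [f for f in findings if baseline.get(f.path) != f.sha256]


# Constructed sample contents; these are not real binaries.
FRESH_DRIVER = b"constructed sample: bytes of an unknown driver dropped yesterday"
KNOWN_FILE = b"constructed sample: bytes of a shipped system file"


def run_demo(window_days: int = 30) -> Dict[str, List[str]]:
    """Build a constructed system32 tree in a temp dir and triage it as if it were a mounted volume."""
    now = time.time()
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp) / "Windows" / "System32"
        (root / "drivers").mkdir(parents=True)

        # A known file untouched for a year: outside the window, so never listed.
        old = root / "kernel32.dll"
        old.write_bytes(KNOWN_FILE)
        os.utime(old, (now - 365 * DAY, now - 365 * DAY))

        # A known file modified two days ago (a legitimate update): listed, but its hash matches the baseline.
        patched = root / "drivers" / "ndis.sys"
        patched.write_bytes(KNOWN_FILE)
        os.utime(patched, (now - 2 * DAY, now - 2 * DAY))

        # An unknown driver written yesterday: what a rescue-disc sweep should surface.
        fresh = root / "drivers" / "unknown.sys"
        fresh.write_bytes(FRESH_DRIVER)
        os.utime(fresh, (now - 1 * DAY, now - 1 * DAY))

        baseline = {
            "kernel32.dll": sha256_bytes(KNOWN_FILE),
            "drivers/ndis.sys": sha256_bytes(KNOWN_FILE),
        }
        recent = recently_modified(root, window_days, now=now)
        return {
            "recent": [f.path for f in recent],
            "unbaselined": [f.path for f in not_in_baseline(recent, baseline)],
        }


if __name__ == "__main__":
    print(run_demo())
```

The two-stage filter is deliberate: the modification window alone also catches legitimate updates, so the baseline comparison is what separates "changed recently" from "not something the clean system shipped". Anything left in `unbaselined` is a candidate for the disc's scanner or a multi-engine lookup, not an automatic delete.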
I use a couple of programs like ‘OTListIt’ which list all files created/edited in the last 30 days/2 months/3 months. Perfect for finding 0 day infections.
I am very interested in this as these seem to be the worst threat. Many free AV programs miss the rootkit and it is hard to remove.
I recall Matt saying Dr. Web had the best rescue disk to “repair” files after a rootkit attack. Other rescue disks and combofix can make windows XP unusable and make a re-installation of windows necessary.
Which rescue disks and other remedies are good at repairing a windows installation so a reinstall is not necessary after a rootkit attack?
http://remove-malware.com/antimalware/anti-malware-howto/how-to-remove-a-patching-virus-w32virut-w32sality/
This is the video I was thinking about.
Sality and Virut. Matt said a solution needs to be able to repair the affected files instead of just deleting them.
Thanks in advance for the info.
There’s another program – rootkit revealer by safer networking:-)
OK, first of all, if you want to remove rootkits/spyware go to these web pages.
http://www.superantispyware.com
http://www.malwarebytes.com
Those will remove any spyware. SUPERAntiSpyware has tools to recover your system from malware damage, but I use both.
Now for your anti virus and prevention: when Security Essentials becomes available I suggest you download that. For now you can go to this web site for your anti virus:
http://www.comodo.com
They have a great free anti virus. Do not download AVG Free anti virus, it stinks at removing malware. AVG Free does not remove rootkits. Too many people have AVG Free and think they're fully protected, but they're not: AVG Free does not detect rootkits!!! That's why people are having a hard time with rootkits, everyone uses *AVG Free*.
http://www.superantispyware.com
http://www.malwarebytes.com
http://www.comodo.com
All the tools you need to stay protected.
Do not use AVG Free, it does not detect rootkits.
How come when I give people links to SUPERAntiSpyware and Malwarebytes and Comodo like http://www.comodo.com it says comment awaiting moderation????? wtf???? and it doesn't show up
@Ryan – if you haven’t commented before or for awhile I need to approve it. Sorry for the delay.
Hi,
I use AVG Free and ThreatFire. ThreatFire has a built in rootkit scanner, so any rootkits should not get past that. I think the reason that AVG Free does not contain a rootkit scanner is because it's one of the ways they sell their paid products, as it is a benefit of buying the full version.
Matt have you got any ideas when the KAV 2010 review will be uploaded?
Thanks
Correct me if I’m wrong, but I don’t think that AVG does not have rootkit protection. It just doesn't have a rootkit scanner to reveal hidden files. But for prevention it doesn’t have a difference with the paid version. At least I think so… It has happened for me to stop threats named rootkit..something.
@Vasilis, it says on their website (http://www.avg.com/uk.product-avg-anti-virus) Protection, but in the Free version there is an option to enable rootkit scanning that is disabled because it's the free version. As I remember from when I had the full version trial, you could enable it?
Hope this helps clear up the confusion.
Nice post!