Help! How Do You Remove Rootkit Malware on Windows 8?


I'm currently doing research on this malware and so far I see that it is pretty nasty. Luckily for me, I don't have anything that is super personal on this PC. I just know that it is stealthy and it is able to trash your PC by putting in other malware undetected. I detected the virus when doing a McAfee scan and it slows down and gets stuck when it detects "Rootkit". I found out that the virus is put on through a direct attack due to some vulnerability of a password or something. My computer was acting really strange last night and really slow but now it's back to normal speed. I also know that whoever is behind this virus can have complete control of this PC.

Please, any help is very much appreciated and please make it immediate if you can.

I'll go back to doing more research. :(

Tags: Malware


Replies to This Discussion

I second everything GM said. I avoid commercial anti-virus/security software because so much of it is just bloatware, sometimes even as bad as a virus. (Although I did like ESET's stuff last time I used it, a couple years ago, even as it costs $.) Microsoft's built-in security software is pretty good now, but it still behooves you to become more aware of the danger of clicking on links and running strange apps unless you know you can trust them. Some rootkits are not even detectable, once they've installed themselves.

I would first run a Malware Scan using Malwarebytes Free. Then run this Rootkit remover from Sophos. One of these will most likely fix the problem.

If not, try a system restore.

To restore your PC to an earlier point in time with Win8:

  1. Swipe in from the right edge of the screen, and then tap Search. (If you're using a mouse, point to the upper-right corner of the screen, move the mouse pointer down, and then click Search.)
  2. Enter Control Panel in the search box, and tap or click Control Panel.
  3. Enter Recovery in the Control Panel search box, and then tap or click Recovery.
  4. Tap or click Open System Restore, and then follow the instructions.

If it is still not working then do as Gallup suggested above.

Rootkits run as soon as the computer system boots, even before Windows starts. This makes it possible for them to hide themselves from any form of Windows malware detection. The only way to make sure a rootkit gets removed is to boot the system up on a known good disk (i.e. other than the infected hard drive), and run an extensive cleanup of the infected hard drive.

A Windows install disk (e.g. CD or DVD) is an example of such a bootable disk, and there are other, non-Windows bootable CD/DVD disks that are used for the same purpose. (I forgot the name of those non-Windows, bootable systems! GM, do you remember any?) The problem with using them is that they require a bit more expertise, but there's years' worth of expertise on forums available for help, assuming you can maintain a separate means of internet access (e.g. another computer) during the repair.

Sorry to recommend such a painful solution, but when it comes to rootkits, a "probable" fix can sometimes become more painful than the sure fix.

I don't mind being corrected, since I haven't messed with Win 8 or rootkit issues for a couple of years now, and my expertise may be out of date. At least it's a good place here to discuss misperceptions, right? (Meanwhile, Malwarebytes is probably still good software to have and run periodically!)

Here is a list of bootable antivirus CDs; also any Linux distro will do, you only need to install ClamAV.

Hirens is useful and you can make a boot CD or USB with it.


© 2015   Created by umar.   Powered by
