How To Remove A Rootkit

A rootkit is a malicious program that gets into the system and starts doing damage. It can hide both its own traces of activity and companion malware. It does this by hooking low-level API functions and embedding itself in the registry. It can also hand control of the PC to a remote attacker. Rootkits are not easy to find, but they are easy to remove.

Instructions

Step 1

Signs that a rootkit has gotten into the system: antivirus scanners (Kaspersky Virus Removal) do not start, resident antivirus programs cannot be installed, friends complain about streams of spam coming from your PC, and some pages persistently redirect you elsewhere. In that case, it is time to disinfect the computer.

Step 2

Dedicated utilities are the easiest option. They are free and simple. Kaspersky offers TDSSKiller, a dedicated anti-rootkit program. You can download it from the Kaspersky website as an .exe file. Run it and start the scan. Move all suspicious files to quarantine, then go to the VirusTotal.com website and submit them for analysis from the /TDSSKiller_Quarantine folder on the system partition.

Step 3

Another tool from Kaspersky, or rather from Kaspersky Lab employee Oleg Zaitsev, is AVZ. A restore point is created before it is started, because the utility cleans everything up. Before starting the scan, check the box next to "Detect RooTkit and API interceptors" and run it.

Step 4

The next utility is the well-known CureIt! from Dr. Web. Download it to your PC from the developer's site. For the free version to work, you will have to enable sending statistics to the lab. Launch the software, check the boxes for the "Rootkits" and "RAM" lines, and then start the scan. After it finishes, it is best to run a full system scan with the same program.

Step 5

The most effective way to restore the system is with a bootable antivirus disk or USB flash drive. This method works well on a PC where the utilities refuse to run. Suitable options are the LiveCDs from DrWeb, Defender Offline from Microsoft and Rescue Disk from Kaspersky.
