Which rootkit cleaner do you recommend for Windows XP? [closed]

Answering the question "Task Manager shows 100% CPU utilization, but nothing in process list does.", Paul Woodward stated that his problem with 100% CPU was a rootkit infecting his computer. My computer seems to suffer from the same problem.

Asked by: Guest | Views: 403
Total answers/comments: 5
Guest [Entry]

I don't think you can actually use it to 'clean' a rootkit, but a very good 'detector' is RootkitRevealer from Sysinternals.
Guest [Entry]

"I think the pro version of AVG has rootkit protection and removal.

Personally, if I found my Windows box infected with a rootkit, I would just reformat and reinstall the OS. Even if there was a good tool out there that says it removed everything, I would just have better peace of mind reinstalling it all.

http://www.avg.com/"
Guest [Entry]

"Currently trying in vain to remove a rootkit problem on my PC, not having any luck.

Have tried AVG (my current main antivirus), which doesn't find anything.
Have tried the Microsoft online live scanner, which didn't find anything.
Have tried Prevx, which misidentified Tor as malware.
Malwarebytes never finds anything either.
SUPERAntiSpyware found a rootkit and removed it, but didn't completely fix the problem.

Have tried thestubware, which was recommended to me on here, and it finds the rootkit,
but each time it removes it, when I reboot it comes back again with a different file name.

Am going to try Sophos rootkit revealer now."
Guest [Entry]

"You might have a rootkit on the computer, in which case you should run HitmanPro 3.5, which will detect the TDL3/TDSS/Alureon rootkit.

If you are absolutely sure you have a rootkit, run one of the following (in order of importance):

TDSSKiller
RootkitRevealer
RootRepeal"
Guest [Entry]

"For the record, I've got to suggest PrevX.

When I had malware problems a while ago (initially noticed by some vague McAfee access-protection violation) I was scanning and submitting suspect files all over the shop. [I seem to recall about 25% of the online scanners recognised anything wrong with the files at all - but wouldn't agree on what the problem was.] I went through all the removers and/or manual steps I could find, but those bad files just kept coming back.

PrevX (which was free to download and scan - you had to pay for removal) only gave some kind of generic name for the infection but I decided to throw my £20 quid at them as a last resort because:

a) I was getting desperate: I was about to have to do a reinstall just as a work deadline was resuming;

b) Some PrevX fellas were providing some extremely active and knowledgeable support on a forum somewhere and I think that was the only relevant mention of the combination of bad files I was finding on my machine;

c) IIRC, they had some deal where if PrevX didn't remove the infection they promised to personally investigate (like remoting onto your machine or something) - and was it a refund too?

(I'm definitely not affiliated or anything. Was just entirely satisfied by a product that did what I needed it to do at the right time. And, um, I'll renew my lapsed subscription next time I find a problem!)"