Wednesday, July 25, 2012

How to Remove a Rootkit Virus

A rootkit virus is a software program that enables attackers to gain administrator access to a system. Some legitimate antivirus programs also use rootkit programs to counteract the actions of attackers. Follow the steps below to remove a rootkit virus manually.

To remove Windows Virus Hunter, see this blog post: How to remove Windows virus hunter

*** It is recommended that you back up your system before attempting to delete any rootkits.

Step 1: From the "Start" menu, open the "Run" box and type "msconfig". Click "OK".

Step 2: Go to the "Boot" tab and check the "Boot Log" box.

Step 3: Click "Apply" and then restart your computer.

Step 4: Search all folders and directories for files whose names start with any of the following, and remove them. The file names may be followed by some random letters.
  • rot
  • gas
  • gaopdx
  • seneka
  • win32k.sys
  • uacd
  • tdss
  • kungsf
  • gxvxc
  • ovsfth
  • msqp
  • ndisp
  • msivx
  • skynet

Step 5: Go to My Computer > C: > WINDOWS > system32 > drivers and note down the full path of each file that has one of the names listed above. Then open the Command Prompt and deny access to each file using the CACLS command.

For example, type "cacls C:\WINDOWS\system32\drivers\rot.sys /d everyone" and hit Enter. This will disable the rot.sys file. Do this for every virus file that you made a note of. When done, exit the Command Prompt.

Step 6: Restart your computer, then search for every file that you made a note of and delete it. To delete a file, right-click it and select "Delete". Also clear all temporary files from your system.

Note: If the infected files cannot be deleted manually, you can run a rootkit removal tool to scan your system. For more help, you can use an online virus removal support service.
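Step 2 turns on boot logging, but the steps above never read the log, which Windows writes to %SystemRoot%\ntbtlog.txt. The following Python script is an added example, not part of the original post: it parses that log and reports drivers whose file names start with the Step 4 names. The sample log lines are constructed, and reporting win32k.sys at its System32 path as a Windows component to verify rather than delete is a choice made for this example.

```python
import sys

# File-name prefixes listed in Step 4 of this page.
PREFIXES = ("rot", "gas", "gaopdx", "seneka", "win32k.sys", "uacd", "tdss",
            "kungsf", "gxvxc", "ovsfth", "msqp", "ndisp", "msivx", "skynet")

# Assumption: Windows ships its own win32k.sys at this path, so a hit there
# calls for a signature/hash check, not deletion.
KNOWN_SYSTEM = {r"\systemroot\system32\win32k.sys"}

STATUSES = (("Loaded driver ", "loaded"), ("Did not load driver ", "not loaded"))

# Constructed sample in the ntbtlog.txt line format (not from a real machine).
SAMPLE_LOG = r"""
Loaded driver \WINDOWS\system32\ntoskrnl.exe
Loaded driver \SystemRoot\System32\win32k.sys
Loaded driver \SystemRoot\System32\drivers\tdssqxyz.sys
Did not load driver \SystemRoot\System32\drivers\gaopdxabc.sys
Loaded driver \SystemRoot\System32\Drivers\ndis.sys
"""

def scan_boot_log(text):
    """Return (status, path, prefix, verdict) for each driver matching a prefix."""
    hits = []
    for line in text.splitlines():
        line = line.strip()
        for marker, status in STATUSES:
            if not line.startswith(marker):
                continue
            path = line[len(marker):].strip()
            name = path.rsplit("\\", 1)[-1].lower()
            prefix = next((p for p in PREFIXES if name.startswith(p)), None)
            if prefix:
                known = path.lower() in KNOWN_SYSTEM
                hits.append((status, path, prefix,
                             "verify-signature" if known else "review"))
    return hits

def read_log(path):
    """Read a boot log; assumption: it may be UTF-16 with a BOM or ANSI text."""
    data = open(path, "rb").read()
    bom = data[:2] in (b"\xff\xfe", b"\xfe\xff")
    return data.decode("utf-16" if bom else "latin-1")

if __name__ == "__main__":
    text = read_log(sys.argv[1]) if len(sys.argv) > 1 else SAMPLE_LOG
    for hit in scan_boot_log(text):
        print("{:<10} {:<16} {}  (matched '{}')".format(hit[0], hit[3], hit[1], hit[2]))
```

Run it with the path to a copy of ntbtlog.txt as the only argument; with no argument it scans the constructed sample. A "review" verdict is only a name match, so check the file's location and digital signature before running the CACLS and delete steps on it.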

See also:
  • How to Run Virus Scan in Safe Mode
  • How to Detect And Remove a Virus From Your Computer
