
Welcome to PcCare.com

Rootkit Revealer

Rootkits can be removed by booting the machine from the recovery CD-ROM supplied by your computer's manufacturer (or from the operating system CD). A system booted this way loads clean files from the CD-ROM instead of the infected files on the C: drive, so the rootkit is never loaded and cannot subvert the running operating system (step-by-step procedure).

Rootkits can be detected by booting from your operating system CD and comparing the registry and executable files on the C: drive against a known-good snapshot of a normal system startup. A rootkit can only hide files and keys from the Windows API of a running, infected system; it cannot hide them from an inspection made while that Windows installation is offline. PcCare provides a free utility which automates this comparison, see PcCare Logger.
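One way to carry out the comparison described above, shown here as an added example that is not part of this page or of the PcCare Logger utility: while booted from clean media, build a SHA-256 manifest of the executable files on the offline Windows volume, keep that manifest on the boot media (never on the suspect disk, where a rootkit could alter it), and diff it against a later snapshot. The drive letter in the comment, the file suffixes checked and the temporary tree built by demo() are assumptions for illustration.

```python
import hashlib
import json
import tempfile
from pathlib import Path

# Added example: an offline file-integrity baseline. Run it from clean boot media
# against the mounted (not running) Windows volume, e.g. build_manifest(r"D:\Windows\System32"),
# where D: is a hypothetical drive letter the offline C: volume received after booting from CD.
EXECUTABLE_SUFFIXES = (".exe", ".dll", ".sys", ".drv", ".ocx")


def sha256_file(path, chunk_size=1 << 20):
    """Hash a file in chunks so large binaries do not have to fit in memory."""
    digest = hashlib.sha256()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(chunk_size), b""):
            digest.update(block)
    return digest.hexdigest()


def build_manifest(root, suffixes=EXECUTABLE_SUFFIXES):
    """Map each executable under root (relative, lower-cased path) to its SHA-256."""
    root = Path(root)
    manifest = {}
    for path in root.rglob("*"):
        if path.is_file() and path.suffix.lower() in suffixes:
            # Windows paths are case-insensitive, so normalise before using them as keys.
            rel = path.relative_to(root).as_posix().lower()
            manifest[rel] = sha256_file(path)
    return manifest


def save_manifest(manifest, dest):
    """Store the baseline as JSON (intended for the boot media, not the suspect disk)."""
    Path(dest).write_text(json.dumps(manifest, indent=1, sort_keys=True))


def load_manifest(src):
    return json.loads(Path(src).read_text())


def compare_manifests(baseline, current):
    """Report files that appeared, disappeared or changed since the baseline."""
    base_keys, cur_keys = set(baseline), set(current)
    return {
        "added": sorted(cur_keys - base_keys),
        "removed": sorted(base_keys - cur_keys),
        "modified": sorted(k for k in base_keys & cur_keys if baseline[k] != current[k]),
    }


def demo():
    """Constructed demonstration on a temporary directory (not a real Windows tree)."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        (root / "drivers").mkdir()
        (root / "kernel32.dll").write_bytes(b"clean kernel32 image")
        (root / "drivers" / "disk.sys").write_bytes(b"clean disk driver")
        (root / "readme.txt").write_bytes(b"not executable, ignored")
        baseline = build_manifest(root)
        save_manifest(baseline, root / "baseline.json")  # would live on the boot media
        # Simulate what a rootkit install looks like from the offline view:
        # one system driver patched, one hypothetical driver added.
        (root / "drivers" / "disk.sys").write_bytes(b"patched disk driver")
        (root / "drivers" / "example_hidden.sys").write_bytes(b"hypothetical rootkit driver")
        current = build_manifest(root)
        return compare_manifests(load_manifest(root / "baseline.json"), current)


if __name__ == "__main__":
    print(json.dumps(demo(), indent=1))
```

The baseline is only as good as the state it was taken from: build it right after a fresh install or a restore from the manufacturer's media, and re-take it after each patch cycle, otherwise every Windows update shows up as "modified". Because the scan walks the volume while that Windows installation is not running, files a rootkit hides from the live Windows API are still seen and hashed.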

 

RootkitRevealer -> the Sysinternals (now Microsoft) rootkit detection tool

  • RootkitRevealer lists registry keys, values and files that are hidden from the Windows API. It compares what the Windows API reports with what it reads directly from the raw registry hives and the raw file system, and reports every discrepancy, because hiding files and keys from the API is how a rootkit conceals itself.

 

The following findings are benign discrepancies and are not malware. The HKLM\Security\Policy\Secrets SAC* and SAI* keys are reported because their names contain embedded nulls; the $Txf, $TxfLog and $Extend\RmMetadata entries are NTFS transaction-log metadata; and the catalog.wci files under System Volume Information belong to the Indexing Service catalog. None of these is a rootkit: the registry names are unreadable through the normal Win32 registry API, and the NTFS and Indexing Service files are hidden from the Windows API by design, which is exactly the kind of discrepancy RootkitRevealer reports:

 

HKLM\Security\Policy\Secrets\SAC*

HKLM\Security\Policy\Secrets\SAI*

 

 

$Repair:$Config

\$Txf
\$TxLog
\$TxfLog\$Tops:$T
C:\$Extend\RmMetadata\$Repair
C:\$Extend\RmMetadata\$Txf
C:\$Extend\RmMetadata\$TxfLog
C:\$Extend\RmMetadata\$TxfLog\$Tops
C:\$Extend\RmMetadata\$TxfLog\$TxfLog.bif
C:\$Extend\RmMetadata\$TxfLog\$TxfLogXContainer000000000000001
C:\$Extend\RmMetadata\$TxfLog\$TxfLogXContainer000000000000002

 

C:\System Volume Information\catalog.wci\0001000D.ci 10/04/2006 4:41 PM 12.00 KB Hidden from Windows API.

C:\System Volume Information\catalog.wci\0001000D.dir 10/04/2006 4:41 PM 368 bytes Hidden from Windows API.

C:\System Volume Information\catalog.wci\0001000E.ci 10/04/2006 5:08 PM 12.00 KB Hidden from Windows API.

C:\System Volume Information\catalog.wci\0001000E.dir 10/04/2006 5:08 PM 362 bytes Hidden from Windows API.
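The benign list above becomes more useful as an allowlist applied to the tool's output, so that only the unexplained discrepancies are left to investigate. The following is an added example, not code from this page or from RootkitRevealer: it parses result lines in the form shown above (path, date, time, size, description) and matches the path against the page's benign entries. The sample output is constructed from the page's entries, with sizes supplied for the lines the page shows without them, plus one hypothetical driver name (example_hidden.sys) that is not on the list.

```python
import re
from fnmatch import fnmatchcase

# Added example: triage RootkitRevealer output against the benign discrepancies listed
# on this page. Paths are lower-cased before matching; fnmatch treats '\' and '$'
# literally, and '*' is the only wildcard used.
BENIGN_PATTERNS = [
    r"hklm\security\policy\secrets\sac*",
    r"hklm\security\policy\secrets\sai*",
    r"$repair:$config",
    r"\$txf",
    r"\$txlog",
    r"\$txflog\$tops:$t",
    r"*\$extend\rmmetadata\*",
    r"*\system volume information\catalog.wci\*",
]

# One result line: <path> <date> <time> <size> <description>. RootkitRevealer's saved
# output separates the fields with tabs; the copy on this page uses spaces, so the
# date/time/size fields are used as the delimiter instead of relying on tabs.
LINE_RE = re.compile(
    r"^(?P<path>.+?)\s+"
    r"(?P<date>\d{1,2}/\d{1,2}/\d{4})\s+"
    r"(?P<time>\d{1,2}:\d{2}\s?[AP]M)\s+"
    r"(?P<size>[\d.,]+\s+(?:bytes|KB|MB|GB))\s+"
    r"(?P<desc>.*?)\s*$"
)


def parse_line(line):
    """Return the fields of one RootkitRevealer result line, or None if it is not one."""
    match = LINE_RE.match(line.strip())
    return match.groupdict() if match else None


def is_benign(path):
    """True when the reported path matches one of the page's known-benign entries."""
    lowered = path.lower()
    return any(fnmatchcase(lowered, pattern) for pattern in BENIGN_PATTERNS)


def triage(lines):
    """Split output into benign hits, hits that need a look, and lines that did not parse."""
    benign, suspicious, unparsed = [], [], []
    for line in lines:
        if not line.strip():
            continue
        record = parse_line(line)
        if record is None:
            unparsed.append(line)
        elif is_benign(record["path"]):
            benign.append(record)
        else:
            suspicious.append(record)
    return benign, suspicious, unparsed


# Constructed sample: the page's benign entries written out as full result lines, plus one
# hypothetical driver (example_hidden.sys) that is NOT on the benign list.
SAMPLE_OUTPUT = r"""
HKLM\SECURITY\Policy\Secrets\SAC* 10/04/2006 4:41 PM 0 bytes Key name contains embedded nulls (*)
HKLM\SECURITY\Policy\Secrets\SAI* 10/04/2006 4:41 PM 0 bytes Key name contains embedded nulls (*)
C:\$Extend\RmMetadata\$TxfLog\$TxfLog.bif 10/04/2006 4:41 PM 64.00 KB Hidden from Windows API.
C:\System Volume Information\catalog.wci\0001000D.ci 10/04/2006 4:41 PM 12.00 KB Hidden from Windows API.
C:\System Volume Information\catalog.wci\0001000D.dir 10/04/2006 4:41 PM 368 bytes Hidden from Windows API.
C:\System Volume Information\catalog.wci\0001000E.ci 10/04/2006 5:08 PM 12.00 KB Hidden from Windows API.
C:\System Volume Information\catalog.wci\0001000E.dir 10/04/2006 5:08 PM 362 bytes Hidden from Windows API.
C:\WINDOWS\system32\drivers\example_hidden.sys 10/04/2006 5:10 PM 24.00 KB Hidden from Windows API.
"""

if __name__ == "__main__":
    ok, look, noise = triage(SAMPLE_OUTPUT.splitlines())
    print(f"{len(ok)} benign, {len(look)} to investigate, {len(noise)} unparsed")
    for rec in look:
        print("INVESTIGATE:", rec["path"], "-", rec["desc"])
```

Treat the "to investigate" list as a starting point, not a verdict: a file reported as hidden from the Windows API that is not on the allowlist should be examined from a clean boot, as the procedure on this page describes, since that is the only view the rootkit cannot tamper with. The allowlist is a copy of this page's entries; other Windows versions and indexing or backup products produce their own benign discrepancies, so an unrecognised hit is not by itself proof of infection.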

 

 

The most effective way to remove a rootkit is to boot from your operating system CD, which prevents the rootkit and any other malware on the C: drive from loading. You then run malware removal programs to delete the malicious files. See Virus removal.



 

DISCLAIMER: It is assumed that users are familiar with the operating system they are using and comfortable with making the suggested changes. PcCare.com will not be held responsible if changes you make cause a system failure.

Please review our Terms of Service and Privacy statement before initiating service or using this site. Microsoft® and the Office logo are trademarks or registered trademarks of Microsoft Corporation in the United States and/or other countries.

PcCare.com is owned and operated by TechnoChill Inc.