{"id":1099,"date":"2012-12-18T16:17:54","date_gmt":"2012-12-18T22:17:54","guid":{"rendered":"http:\/\/wp.natsci.colostate.edu\/cnsit\/?p=1099"},"modified":"2021-12-17T13:55:03","modified_gmt":"2021-12-17T20:55:03","slug":"rootkit-virus-how-to-detect-and-remove","status":"publish","type":"post","link":"https:\/\/cnsit.colostate.edu\/kb\/rootkit-virus-how-to-detect-and-remove\/","title":{"rendered":"Rootkit Virus &#8211; How to detect and remove"},"content":{"rendered":"<p>Rootkit viruses are stealthy viruses that can cause great damage to your operating system and even to your hardware if they are in the &#8220;firmware rootkit&#8221; class. Several classes of rootkit viruses exist: <a href=\"http:\/\/technet.microsoft.com\/en-us\/sysinternals\/bb897445.aspx\" target=\"_blank\" rel=\"noopener noreferrer\">persistent, memory-based, user-mode, kernel-mode<\/a> and <a href=\"http:\/\/en.wikipedia.org\/wiki\/Rootkit\" target=\"_blank\" rel=\"noopener noreferrer\">firmware driven<\/a>. Installation of these rootkit viruses is automated and can evade many anti-virus programs. Removal of these viruses can be difficult, especially if they are the kernel-mode or firmware-driven versions.<\/p>\n<p>The latest rootkit virus that seems to be causing much damage and is spreading at a medium rate is Rootkit.Sirefef.Gen.<\/p>\n<p>There is a rootkit scan tool called <a href=\"http:\/\/technet.microsoft.com\/en-us\/sysinternals\/bb897445.aspx\" target=\"_blank\" rel=\"noopener noreferrer\">RootkitRevealer v1.71<\/a> from Microsoft support.<\/p>\n<p>A rootkit remover tool is also available from the Bitdefender website.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Rootkit viruses are stealthy viruses that can cause great damage to your operating system and even to your hardware if they are in the &#8220;firmware rootkit&#8221; class. Several classes of rootkit viruses exist: persistent, memory-based, user-mode, kernel-mode and firmware driven. 
Installation of these rootkit viruses is automated and can evade many anti-virus programs. Removal of [&hellip;]<\/p>\n","protected":false},"author":3,"featured_media":693,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[5,6,10,11],"tags":[],"class_list":["post-1099","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-general-cnsit","category-knowledge-base","category-security","category-security-news"],"_links":{"self":[{"href":"https:\/\/cnsit.colostate.edu\/kb\/wp-json\/wp\/v2\/posts\/1099","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/cnsit.colostate.edu\/kb\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cnsit.colostate.edu\/kb\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/cnsit.colostate.edu\/kb\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/cnsit.colostate.edu\/kb\/wp-json\/wp\/v2\/comments?post=1099"}],"version-history":[{"count":1,"href":"https:\/\/cnsit.colostate.edu\/kb\/wp-json\/wp\/v2\/posts\/1099\/revisions"}],"predecessor-version":[{"id":4228,"href":"https:\/\/cnsit.colostate.edu\/kb\/wp-json\/wp\/v2\/posts\/1099\/revisions\/4228"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cnsit.colostate.edu\/kb\/wp-json\/wp\/v2\/media\/693"}],"wp:attachment":[{"href":"https:\/\/cnsit.colostate.edu\/kb\/wp-json\/wp\/v2\/media?parent=1099"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cnsit.colostate.edu\/kb\/wp-json\/wp\/v2\/categories?post=1099"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cnsit.colostate.edu\/kb\/wp-json\/wp\/v2\/tags?post=1099"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}