First Party Tools For Removing Windows MalwareHopefully, if you're a Windows user, you already know that Microsoft has a free, first-party antivirus tool that you can download and install to help protect your system. It is called Microsoft Security Essentials and can be downloaded from here:
What you may not know is that Microsoft just released a tool for rootkit detection and removal. For those of you who don't know what a rootkit is, you're probably infected. Just kidding... but seriously. A rootkit is a type of malware that installs itself onto your system in such a way that it is completely, 100% undetectable by antivirus programs. It does this by replacing the low-level system files that operate at a lower level than antivirus programs with it's own copies.
These malicious copies do two things. First, they act 100% like the genuine system files, so that your system still functions. Second, and this is the kicker, they hide all of the malicious files installed on your system so that they can run and you don't even know that they're there.
One example of this is getting a directory listing. Let's say that you open a command prompt and run 'dir'. That's a normal system command that should just show you the contents of a folder. However, when you have a rootkit this command will run, deliver the results to the rootkit which will strip out all of the malicious files, then show you the "cleaned" list of files. You'll never know that a malicious file exists in that folder because it is removed from the directory listing before you ever see the list. That's just one simple example of how a rootkit operates.
So, suffice it to say, rootkits are undetectable from within your computer. This is why Microsoft made a new tool: System Sweeper. System Sweeper is a bootable rootkit remover. Obviously, or maybe not so obviously, you can't remove a rootkit if you can't see it. I've already explained that within your system you can't see the rootkit, therefore you can't remove it by installing some removal tool on your system. This is why System Sweeper doesn't get installed on your system.
System Sweeper is a bootable ISO file, which you can burn to a CD or thumb drive. You reboot your computer with the CD or thumb drive in, boot to it, and it will scan and attempt to remove rootkits from your computer. Then you can reboot into Windows and use your computer as normal, rootkit free!
Microsoft offers one version for 32 bit systems and one version for 64 bit systems, so you need to use the right version depending on what kind of system you have. If you are unsure as to which you should use, do this to find out:
- Start > Run > msinfo32
- On the right hand side, look for System Type
- If you see X86-based PC, you are running 32-bit
- If you see x64-based PC, you are running 64-bit