Welcome to SC4 Devotion Forum Archives.

How to remove a rootkit

Started by RadicalOne, August 31, 2009, 08:09:23 PM



RadicalOne

A rootkit is a type of malware that literally hijacks your system and gains ultimate control, often downloading more malware in the process. A rootkit can hide itself and any other malware, can infect other nonvolatile-memory-storing components of your computer, and can even gain control over the electrical operation of your computer. Some have been known to destroy processors and other components by overclocking or otherwise overusing them beyond their tolerances. With the worst (non-hardware infecting) ones, you can't even boot into your OS, as it will force you into a virtual one where you do not have the privileges to remove it. By this stage, it's too late - you must format your hard disk and reinstall your OS. With the worst hardware-infecting ones, the processor could be deliberately overheated, possibly resulting in fire.

If you suspect you have one, and are not yet digitally incapacitated, I have found a - completely free - method to remove rootkits (and their associated trojans, keyloggers, adware, etc). How do I know it works? It's how I cleaned my system. The only requirement is moderate computer knowledge. It was conceived and tested on a Windows System, but may work on a Mac, assuming Mac versions of the software exist.

Three programs will need to be installed on your computer:
-The latest version of AVG AntiVirus Free
http://free.avg.com/download?prd=afe
-The last free version of AVG AntiRootkit
http://www.softpedia.com/progDownload/AVG-Anti-Rootkit-Download-48738.html
-The latest version of Spyware Terminator
http://www.spywareterminator.com/

Install them in "Advanced User" modes, if applicable.

When all three are installed, make sure the Realtime Shield and HIPS are activated for Spyware Terminator, and AVG's Resident Shield is activated and set to Auto-Heal infections. You may have to play with the settings to achieve this. On a Windows System, go to Control Panel and find "Folder Options". Go to the "View" tab, and ensure you can view hidden files and "Protected Operating System Files". On another system, ensure you are capable of viewing all types of files, protected/hidden or not.

Restart your computer.

If all went well, the HIPS should have prevented the rootkit from asserting itself, and therefore it should no longer be actively able to hide from the software.
Open AVG AntiRootkit, and run the deepest scan possible. If anything shows up, find it with Windows Explorer, and back it up to a floppy - NOT a USB key, external drive, or CD.
Then use AVG AntiRootkit to delete everything it found.

Reboot.

If your computer does not boot, restore the files you deleted to their original locations from the floppy. Then restart, and delete everything but the file(s) that broke your OS when deleted.

If your computer does boot, open AVG AntiVirus. Open the scan settings and ensure the program will scan the entire hard drive, and every file on it - uncheck "Scan infectable files only". Run the deepest scan possible. Delete everything it finds.

Restart.

Open Spyware Terminator. Run a "Full Virus and Spyware Scan". Delete everything ST finds.

Restart. Your computer should be clean. It is recommended to keep these programs active with the current settings for lasting protection.
If you still experience rootkit-type behavior, you may have a BIOS rootkit, the only type that can escape this process. Unfortunately, the only way to eliminate a program that nasty is to replace your BIOS chip(s). This likely means getting a new motherboard.

I made a video on this months ago, when I first used the process on my computer.
http://www.youtube.com/watch?v=h0L16t3n9zY
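The "back it up before you delete it, and put it back if the machine no longer boots" step in the post is a quarantine-with-rollback procedure, and it is the part most often done sloppily by hand. The script below is an added example, not code from the original post or from any of the tools it names: it moves flagged files into a quarantine folder, records each file's original path and SHA-256 in a manifest, and can restore all of them or only a chosen subset. Everything it runs against is constructed in a temporary directory (the file names `driver_a.sys` and `helper_b.dll` are made-up placeholders, not real malware); the quarantine folder location and the manifest file name are assumptions of this example.

```python
import hashlib
import json
import shutil
import tempfile
from pathlib import Path

# Assumed manifest name; any name works as long as quarantine() and restore() agree.
MANIFEST_NAME = "quarantine_manifest.json"


def _sha256(path):
    """Hash a file in chunks so large binaries do not have to fit in memory."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()


def quarantine(paths, quarantine_dir):
    """Move each flagged file into quarantine_dir and append it to the manifest.

    Returns the list of manifest entries written for this call.
    """
    qdir = Path(quarantine_dir)
    qdir.mkdir(parents=True, exist_ok=True)
    manifest_path = qdir / MANIFEST_NAME
    entries = json.loads(manifest_path.read_text()) if manifest_path.exists() else []
    written = []
    for p in paths:
        src = Path(p).resolve()
        if not src.is_file():
            continue  # directories and already-removed paths are skipped, not errors
        digest = _sha256(src)
        # Prefix with a running index so two flagged files with the same name never collide.
        dest = qdir / f"{len(entries):04d}_{src.name}.quarantined"
        shutil.move(str(src), str(dest))
        entry = {"original": str(src), "stored": str(dest), "sha256": digest}
        entries.append(entry)
        written.append(entry)
    manifest_path.write_text(json.dumps(entries, indent=2))
    return written


def restore(quarantine_dir, only=None):
    """Put quarantined files back at their original paths.

    `only` is an optional set of original (resolved) paths; when given, only those
    entries are restored and the rest stay in quarantine. Returns restored paths.
    """
    qdir = Path(quarantine_dir)
    manifest_path = qdir / MANIFEST_NAME
    entries = json.loads(manifest_path.read_text())
    remaining, restored = [], []
    for e in entries:
        if only is not None and e["original"] not in only:
            remaining.append(e)
            continue
        stored = Path(e["stored"])
        # Refuse to put back a copy whose content changed while it sat in quarantine.
        if _sha256(stored) != e["sha256"]:
            raise RuntimeError(f"quarantined copy of {e['original']} was modified")
        Path(e["original"]).parent.mkdir(parents=True, exist_ok=True)
        shutil.move(str(stored), e["original"])
        restored.append(e["original"])
    manifest_path.write_text(json.dumps(remaining, indent=2))
    return restored


def demo():
    """Constructed end-to-end run inside a temp directory; nothing real is touched."""
    root = Path(tempfile.mkdtemp())
    flagged = []
    for name in ("driver_a.sys", "helper_b.dll"):  # placeholder names, not real files
        f = root / "system" / name
        f.parent.mkdir(parents=True, exist_ok=True)
        f.write_bytes(b"constructed sample content for " + name.encode())
        flagged.append(str(f))
    qdir = root / "quarantine"
    entries = quarantine(flagged, qdir)
    after_quarantine = [Path(p).exists() for p in flagged]
    # Pretend removing driver_a.sys broke boot: restore only that one file.
    restored = restore(qdir, only={str(Path(flagged[0]).resolve())})
    after_restore = [Path(p).exists() for p in flagged]
    still_quarantined = json.loads((qdir / MANIFEST_NAME).read_text())
    shutil.rmtree(root)
    return {
        "quarantined": len(entries),
        "after_quarantine": after_quarantine,
        "restored": len(restored),
        "after_restore": after_restore,
        "still_quarantined": len(still_quarantined),
    }


if __name__ == "__main__":
    print(demo())
```

The manifest is what makes the post's "restore only the file that broke the OS" step safe to do later: it keeps original paths and hashes together, so the selective restore does not depend on remembering where a file came from, and a quarantined copy that has changed since it was moved is refused rather than silently put back on the system.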