I was browsing through Neowin today I saw a help query on deleting (read removing) a rootkit virus called BKDR_HAXDOOR.GP and BKDR_HAXDOR.AU
Then he wanted to delete the two keys in the registry which he suspects that the rootkit is supposedly using
But he was unsuccessful in that so I am now trying to list some tools that will help to get rid of rootkits but not sure it will help.
Publisher : Sysinternals
RootkitRevealer is an advanced rootkit detection utility. It runs on Windows NT 4 and higher and its output lists Registry and file system API discrepancies that may indicate the presence of a user-mode or kernel-mode rootkit. RootkitRevealer successfully detects all persistent rootkits published at http://www.rootkit.com, including AFX, Vanquish and HackerDefender (note: RootkitRevealer is not intended to detect rootkits lik
RootKit Hook Analyzer is a security tool which will check if there are any rootkits installed on your computer which hook the kernel system services. Kernel RootKit Hooks are installed modules which intercept the principal system services that all programs and the operating system rely on. This program will display all kernel services and the responsible modules for handling them, along with company and product information
Publisher Sana Security
Primary Response SafeConnect provides instant and constant protection for PCs by detecting and completely removing spyware, rootkits, and adware without the need for signatures or scanning. Remove spyware and other malicious software from your PC in real time. Primary Response SafeConnect does not require you to scan your PC, and it can clean up your PC after it has been infected.
ProcessGuard is a powerful new type of security system that secures Windows at the lowest (kernel) level, allowing it to provide the maximum possible security. An intuitive interface makes the program very easy to use, and a comprehensive help file explains everything in full detail for those wanting to know more. ProcessGuard gives you full control over which programs are allowed to run and prevents even the stealthiest rootkit Trojan horses from being able to install malicious drivers. Virtually all known code/process-related attacks can be prevented, including keyloggers, firewall leak tests, process termination, code and DLL injection, thread hijacking, and Windows File Protection attacks.
Ashampoo AntiSpyWare protects you against more than 500,000 security threats. Ashampoo AntiSpyWare can monitor and protect your computer continuously. A small background program checks every suspicious file for potential hazards before it is opened, making it impossible for Trojans to install themselves on your computer. Ashampoo AntiSpyWare is a brand-new tool. Building on existing solutions combined with intelligent new strategies and algorithms it provides exceptional protection against spyware and other malware. Its advanced heuristic search and analysis system can actually identify and block new and unknown threats before they can do any damage. It can even detect the highly dangerous Rootkits.
Version 1.50 detects more than 500,000 threats, features improvements to the license server and much better AntiSpyWare Guard. The “Tools” menu now contains the task planner in all languages.
I will reccomed Rootkitrevelaer anyway because I have so much trust in the company that produces…the software Sysinternals really Rocks…
Check the following Links too for some more info on rootkits