
Workaround 1:

Important: Back up the registry before you modify it. Make sure that you know how to restore the registry if a problem occurs. For more information about how to back up, restore, and modify the registry, click the following link:

How to back up and restore the registry in Windows

  1. Search for the file called msdirectx.sys on the root drive.
  2. If it is in the System32 folder, type the following commands:

attrib -r -h -s C:\Windows\system32\msdirectx.sys
del C:\Windows\system32\msdirectx.sys
Search for msdirectx.sys entries in Registry Editor and delete all of them.

The file may be in the system32\drivers folder rather than the system32 folder, so change the commands accordingly.

Workaround 2:

Use Registry Editor to Remove Hacktool.Rootkit Registry Values

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\zx\Security
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\zx
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\zx\Enum
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_ZX\0000\Control
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_ZX\0000
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_ZX
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\zx\Enum
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\zx
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_ZX\0000\Control
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_ZX\0000
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_ZX
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\zx\Security
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\egui.exe
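
Before deleting anything, it helps to see which of the items from Workarounds 1 and 2 actually exist on the machine. The script below is an added example, not part of the original page: a read-only check that assumes PowerShell 3.0 or later in an elevated 64-bit prompt, and that checks only the parent keys from the list above (the \Security, \Enum, \0000 and \0000\Control entries are subkeys of those and are counted, not listed).

```powershell
# Added example: read-only audit of the artifacts named in Workarounds 1 and 2.
# Nothing is modified or deleted. A 32-bit prompt on 64-bit Windows would be
# redirected away from the real system32 folder, so use a 64-bit prompt.

# Workaround 1: msdirectx.sys may be in system32 or system32\drivers.
$files = 'system32\msdirectx.sys', 'system32\drivers\msdirectx.sys' |
    ForEach-Object { Join-Path $env:SystemRoot $_ }

# Workaround 2: parent keys taken from the page's list.
$keys = @(
    'HKLM:\SYSTEM\CurrentControlSet\Services\zx'
    'HKLM:\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_ZX'
    'HKLM:\SYSTEM\ControlSet001\Services\zx'
    'HKLM:\SYSTEM\ControlSet001\Enum\Root\LEGACY_ZX'
    'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\egui.exe'
)

$fileReport = foreach ($f in $files) {
    # -Force is needed because the file may carry hidden/system attributes,
    # the same ones the attrib -r -h -s command clears.
    $item = Get-Item -LiteralPath $f -Force -ErrorAction SilentlyContinue
    [pscustomobject]@{
        Type   = 'File'
        Path   = $f
        Found  = [bool]$item
        Detail = if ($item) { "Attributes: $($item.Attributes)" } else { '' }
    }
}

$keyReport = foreach ($k in $keys) {
    $found = Test-Path -LiteralPath $k
    # Count subkeys so you know how much sits under each parent key.
    $sub = if ($found) {
        @(Get-ChildItem -LiteralPath $k -Recurse -ErrorAction SilentlyContinue).Count
    } else { 0 }
    [pscustomobject]@{
        Type   = 'RegistryKey'
        Path   = $k
        Found  = $found
        Detail = "Subkeys: $sub"
    }
}

# One table: every checked item, whether it exists, and a short detail.
@($fileReport) + @($keyReport) | Format-Table -AutoSize -Wrap
```

Rows with Found = True are the ones the workarounds apply to; save the output alongside the registry backup so there is a record of what was present before cleanup.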

Workaround 3:

  1. First, restart your system in Safe Mode and turn off System Restore for all drives by going to My Computer --> Properties --> System Restore --> Turn Off System Restore for all drives.

  2. Make all folders and subfolders (hidden and unhidden) viewable.

  3. Check C:\Documents and Settings and each of its subfolders, even the hidden ones. Since this virus is used to hack passwords, it generally creates a folder in this directory only.

  4. There you will find a suspicious item (a shield icon on the taskbar and a folder named something like 12343456 in C:\Documents and Settings\All Users\Application Data), which will have a link on the desktop and on the taskbar as well. You can identify it by checking which icon it uses on the taskbar. Delete that folder.

  5. Then run the antivirus on your system.

  6. Download Malwarebytes Anti-Malware from http://malwarebytes.org/, since this virus creates registry entries as well.

  7. Then restart the system in normal mode with System Restore off.

  8. Run Malwarebytes and scan the whole system. It will ask to remove and repair the infected registry entries. Allow it.

  9. Then run the antivirus on your machine in full scan mode.

  10. Turn System Restore on and restart your system.

 


© 2013 123seminarsonly.com All Rights Reserved.