How to Remove a Rootkit

Download Article
Download Article

Removing rootkits can be difficult, as they often bury themselves deep into the operating system. If you're worried you have a rootkit, follow our guide for locating and removing it from your Windows PC or Mac.

Steps

Download Article
  1. How.com.vn English: Step 1 Know the signs of a rootkit.
    Rootkits are hard to detect on Windows as they often disguise themselves as drivers or as critical files. Some signs that you may have a rootkit include:
    • Your device is running slow, but your antivirus software is not detecting anything.
    • You are unable to copy or find files you know exist on your machine (this is commonly used as DRM to prevent the copying or redistribution of music, movies, or video games).
    • Your device obviously has malware on it, but your antivirus software does not detect anything.
    • Your device takes a long time to start up.
    • Your hardware has stopped working correctly.
    • Other devices (like your router) are reporting that your device is using it even if you are not actively using them.
    2. Advertisement
Method 1
Method 1 of 3:

On Windows

Download Article
  1. How.com.vn English: Step 1 Run a Microsoft Defender scan.
    To do so, open Windows Security, go to Virus & threat protection, and choose "Quick scan". You can also run a full scan.
    • Microsoft Defender will inform you if you need to run Microsoft Defender Offline.
  2. How.com.vn English: Step 2 Start an offline scan.
    From the same screen as Virus & threat protection, choose "scan options" and choose "Microsoft Defender Offline scan". Your PC will restart.
  3. How.com.vn English: Step 3 Check the scan results after restart.
    If your PC detected rootkits, it will inform you that it was able to remove them.
  4. How.com.vn English: Step 4 Reinstall Windows.
    If a rootkit has caused a deep infection, then the only way to remove the rootkit is to reinstall Windows. Do this from an external media device instead of using the built-in Windows installer.
  5. How.com.vn English: Step 5 Have your hardware replaced.
    Some rootkits are able to infect the BIOS, which will require a repair to fix. If you still have a rootkit after a repair, you may need to get a new PC.
    6. Advertisement
Method 2
Method 2 of 3:

On Mac

Download Article
  1. How.com.vn English: Step 1 Update your Mac.
    Mac updates do not just add new features; they also remove malware, including rootkits, and fix security holes. Apple has numerous built-in security features to protect from malware, including rootkits.
  2. How.com.vn English: Step 2 Accept prompts to move malware to the Trash.
    If your Mac detects a malicious program, it will ask you to move it to the Trash. That way, malware, including rootkits, cannot cause problems on your machine.
  3. How.com.vn English: Step 3 Reinstall macOS.
    Unfortunately, there are no known rootkit detectors on macOS. If you still suspect a rootkit is on your device, you should reinstall macOS. Doing so removes most apps and any possible rootkits on your machine.
  4. How.com.vn English: Step 4 Have your hardware replaced.
    Some rootkits are able to infect the BIOS, which will require a repair to fix. If you still have a rootkit after a repair, you may need to get a new Mac.
    5. Advertisement
Method 3
Method 3 of 3:

On iOS

Download Article
  1. How.com.vn English: Step 1 Back up your data first.
    Unfortunately, there are no known rootkit detectors on iPhone. Rootkits can be difficult to remove and they often manifest themselves as developer profiles or hide themselves in jailbreaks.
  2. How.com.vn English: Step 2 Enter DFU mode.
    To do so, turn off your phone while it is connected to your computer. On iPhone 8 and later, press the volume up then volume down then power keys and hold the power button for three seconds. Then hold the power and volume down buttons together for ten seconds. Then release the power button and continue holding the volume down button. This will enter recovery mode.
    • On iPhone 7, you do not have to press the volume up and volume down keys at the beginning.
    • On iPhone 6s and earlier, use the home button instead.
  3. How.com.vn English: Step 3 Click on Restore iPhone/iPad... in iTunes or in Finder.
    This will erase all data but also remove any jailbreaks and/or rootkits present on your iOS device. You can recover your downloaded apps using iCloud or iTunes backup.
    4. Advertisement


Community Q&A

Search
Add New Question
  • Question
    Isn't Kaspersky spyware?
    How.com.vn English: Achaius Dimalibot
    Achaius Dimalibot
    Community Answer
    It's not spyware. It is an antivirus software, and it also works like Windows Defender.
    Thanks! We're glad this was helpful.
    Thank you for your feedback.
    If How.com.vn has helped you, please consider a small contribution to support us in helping more readers like you. We’re committed to providing the world with free how-to resources, and even $1 helps us in our mission.Support How.com.vn
    YesNo
    Not Helpful 1Helpful 0
Ask a Question
200 characters left
Include your email address to get a message when this question is answered.
Submit
      Advertisement

      Tips

      Submit a Tip
      All tip submissions are carefully reviewed before being published
      Submit
      Thanks for submitting a tip for review!

      You Might Also Like

      How.com.vn English: Turn Off Windows Defender in Windows 10Turn Off Microsoft Defender in Windows 10: Temporarily or Permanently
      How.com.vn English: Detect Pegasus SpywareHow to Check Your Smartphone for Pegasus Spyware
      How.com.vn English: Remove the System Volume Information Folder from a Flash Drive
      How to
      Remove the System Volume Information Folder from a Flash Drive
      How.com.vn English: Remove a Virus
      How to
      Remove a Virus
      How.com.vn English: Install an AntivirusInstall Antivirus on Your Windows or Mac Computer: Easy Guide
      How.com.vn English: Disable Avast Antivirus
      How to
      Disable Avast Antivirus
      How.com.vn English: Remove MalwareHow to Remove and Prevent Malware on a Computer
      How.com.vn English: Remove a Worm Virus
      How to
      Remove a Worm Virus
      How.com.vn English: Enable Google Play Protect
      How to
      Enable Google Play Protect
      How.com.vn English: Remove Newfolder.Exe Virus
      How to
      Remove Newfolder.Exe Virus
      How.com.vn English: Disable AVG
      How to
      Disable AVG
      How.com.vn English: Perform an Offline Scan with Windows 10 Defender
      How to
      Perform an Offline Scan with Windows 10 Defender
      How.com.vn English: Protect Your Computer With Antivirus Software
      How to
      Protect Your Computer With Antivirus Software
      How.com.vn English: Download and Install Avast! Free Antivirus
      How to
      Download and Install Avast! Free Antivirus
      Advertisement

      About This Article

      How.com.vn is a “wiki,” similar to Wikipedia, which means that many of our articles are co-written by multiple authors. To create this article, 17 people, some anonymous, worked to edit and improve it over time. This article has been viewed 52,705 times.
      How helpful is this?
      Co-authors: 17
      Updated: April 15, 2022
      Views: 52,705
      Categories: Computer Virus Protection
      In other languages
      Thanks to all authors for creating a page that has been read 52,705 times.

      Is this article up to date?

      ⚠️ Disclaimer:

      Content from Wiki How English language website. Text is available under the Creative Commons Attribution-Share Alike License; additional terms may apply.
      Wiki How does not encourage the violation of any laws, and cannot be responsible for any violations of such laws, should you link to this domain, or use, reproduce, or republish the information contained herein.

      Notices:
      • - A few of these subjects are frequently censored by educational, governmental, corporate, parental and other filtering schemes.
      • - Some articles may contain names, images, artworks or descriptions of events that some cultures restrict access to
      • - Please note: Wiki How does not give you opinion about the law, or advice about medical. If you need specific advice (for example, medical, legal, financial or risk management), please seek a professional who is licensed or knowledgeable in that area.
      • - Readers should not judge the importance of topics based on their coverage on Wiki How, nor think a topic is important just because it is the subject of a Wiki article.

      Advertisement