How do I remove a rootkit without an anti-rootkit program? [duplicate]

Possible Duplicate:
My server's been hacked EMERGENCY

Windows 2000 Server.

I believe I have a rootkit, but nothing will remove it. I've tried everything. Even tools that are merely for scanning fail or BSOD the computer.

Since nothing works, I wanted to try and do it manually.

Edit: This is a Windows 2000 Server Forest Root. I cannot rebuild it without blowing up the domain.


I'd strongly advise you to rebuild your server.

  • If the server has been root-compromised, how can you assure the integrity of all of its parts, even if you THINK you've removed the compromised part?
  • It's easier and saves time and hassle - rebuild and restore from backups.