How To Detect And Remove Rootkits Using Malwarebytes Anti-Rootkit

Rootkits are stealth malicious programs that evade detection by regular anti-virus software and can cause considerable damage to the infected system.

Malwarebytes Anti-Rootkit is a free application that scans, detects and removes various rootkits. Though this application is in beta as of now, it works seamlessly.

malwarebytes anti-rootkit application



Download it from here.

Once downloaded and installed, launch the “mbar.exe” file from the installation path.

malwarebytes anti-rootkit exe

Update the rootkit database to have the latest signature.

rootkit scan in progress

Next, for scanning, tick all the  three choices “Drivers”, “Sectors” and “System” and choose the “Scan” option. This process will take a while so be patient.


rootkit scan completed

If some threats are detected, choose the “Cleanup” option and reboot the system for the changes to take place. Also, it is a good idea to re-run the scan after a reboot to make sure that the detected threats are gone for good.

After the scan and cleanup (if any), if various important services like Windows Update, Internet access and so on are broken or don’t work as expected, go to the “Plugins” folder in the Malwarebytes Anti-rookit installation path and run the “fixdamage.exe” tool.

accessing the fixdamage tool from malwarebytes anti-rootkit


All done.

It is a good practice to regularly update Malwarebytes anti-rootkit database and scan for rootkits. Overall, this is a simple and lightweight rootkit removal application.

Happy cleaning!

Comments are closed.