Bitdefender releases Rootkit Remover tool for Windows - gHacks Tech News

Bitdefender releases Rootkit Remover tool for Windows

Rootkits are usually harder to identify and remove than regular malware due to the way these programs integrate themselves on a computer system. It is probably thanks to Sony and the company's infamous music CD rootkit that a larger audience became aware of rootkits in general and how dangerous they are.

Two types of rootkit removers exist. First programs that run more or less on their own, Kaspersky's TDSSKiller is an example of that, and second programs that scan the system but leave the interpretation of results to the user, with Gmer 2.0 being an example of that.

The first group of programs is usually only efficient against a set of rootkits, while the second group may identify them all but it also prone to report false positives.

Bitdefender's Rootkit Remover falls into the first group of programs, as it identifies and deletes a set of known rootkits from Windows systems. The program is available for 32-bit and 64-bit editions of Windows and runs more or less on its own. At the time of writing, it is capable of detecting and removing the following rootkits:

Rootkit Remover deals easily with Mebroot, all TDL families (TDL/SST/Pihar), Mayachok, Mybios, Plite, XPaj, Whistler, Alipop, Cpd, Fengd, Fips, Guntior, MBR Locker, Mebratix, Niwa, Ponreb, Ramnit, Stoned, Yoddos, Yurn, Zegost and also cleans infections with Necurs (the last rootkit standing)

The company notes that new rootkit families are added to the program as they become known. Program use could not be easier. You download and start the program on a supported version of Windows to get started.

bitdefender bootkit removal tool screenshot

A click on start scan runs a scan on the system to detect any rootkit known by the software. The scan should not take longer than a couple of seconds before you are presented with notification that the removal process has been completed successfully.That's an irritating message on systems where no rootkit was detected on.

If a rootkit is found, you will be asked to restart the system now or later (with now being the best option) to clean the system from the infection.

Verdict

Bitdefender's Rootkit Removal Tool is a portable program for Windows to detect and remove several known rootkits and rootkit families from a system. It does not support automatic updates so that it is recommended to check the product homepage before you run scans to make sure you are running the latest version of the application.

The company should consider changing the status notification on clean systems to avoid consumer confusion.

Advertisement

We need your help

Advertising revenue is falling fast across the Internet, and independently-run sites like Ghacks are hit hardest by it. The advertising model in its current form is coming to an end, and we have to find other ways to continue operating this site.

We are committed to keeping our content free and independent, which means no paywalls, no sponsored posts, no annoying ad formats or subscription fees.

If you like our content, and would like to help, please consider making a contribution:


Previous Post: «
Next Post: »

Comments

  1. ilev said on February 7, 2013 at 7:47 pm
    Reply

    The download links on Bitdefender’s site (and your screenshot) are for BootkitRemoval and not for Rootkit Remover.

    1. Martin Brinkmann said on February 7, 2013 at 8:01 pm
      Reply

      This may be a spelling mistake.

  2. ilev said on February 7, 2013 at 8:08 pm
    Reply
    1. Martin Brinkmann said on February 7, 2013 at 8:48 pm
      Reply

      Maybe they have used the core code of the bootkit app as the core for the rootkit application. Well, it is certainly strange.

      1. ilev said on February 7, 2013 at 8:54 pm
        Reply

        Tested the app. It froze on “preparing”

  3. rickxs said on February 7, 2013 at 11:00 pm
    Reply

    loaded & ran OK, the 3sec scan seems more in-tune with a boot scan than a C/S drive

  4. Transcontinental said on February 7, 2013 at 11:50 pm
    Reply

    Martin, what exactly do you mean by “The program is available for 32-bit and 64-bit editions of Windows and runs more or less on its own.” ?

    1. Martin Brinkmann said on February 8, 2013 at 12:01 am
      Reply

      That it does not provide you with many options.

      1. Transcontinental said on February 8, 2013 at 12:05 am
        Reply

        I was imagining a non-install application that would set data in Registry and/or application data folders …

    2. ilev said on February 8, 2013 at 7:14 am
      Reply

      It is portable as well.

  5. rickxs said on February 8, 2013 at 12:31 am
    Reply

    edit: I meant O/S [above] not C/S– sorry a typo

  6. X said on February 10, 2013 at 12:49 am
    Reply

    You might want to try Malwarebytes Anti-Rootkit 1.01.0.1020 Beta available at http://downloads.malwarebytes.org/file/mbar

Leave a Reply

Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy

Please note that your comment may not appear immediately after you post it.