Rootkits are usually harder to identify and remove than regular malware due to the way these programs integrate themselves on a computer system. It is probably thanks to Sony and the company's infamous music CD rootkit that a larger audience became aware of rootkits in general and how dangerous they are.
Two types of rootkit removers exist. First programs that run more or less on their own, Kaspersky's TDSSKiller is an example of that, and second programs that scan the system but leave the interpretation of results to the user, with Gmer 2.0 being an example of that.
The first group of programs is usually only efficient against a set of rootkits, while the second group may identify them all but it also prone to report false positives.
Bitdefender's Rootkit Remover falls into the first group of programs, as it identifies and deletes a set of known rootkits from Windows systems. The program is available for 32-bit and 64-bit editions of Windows and runs more or less on its own. At the time of writing, it is capable of detecting and removing the following rootkits:
Rootkit Remover deals easily with Mebroot, all TDL families (TDL/SST/Pihar), Mayachok, Mybios, Plite, XPaj, Whistler, Alipop, Cpd, Fengd, Fips, Guntior, MBR Locker, Mebratix, Niwa, Ponreb, Ramnit, Stoned, Yoddos, Yurn, Zegost and also cleans infections with Necurs (the last rootkit standing)
The company notes that new rootkit families are added to the program as they become known. Program use could not be easier. You download and start the program on a supported version of Windows to get started.
A click on start scan runs a scan on the system to detect any rootkit known by the software. The scan should not take longer than a couple of seconds before you are presented with notification that the removal process has been completed successfully.That's an irritating message on systems where no rootkit was detected on.
If a rootkit is found, you will be asked to restart the system now or later (with now being the best option) to clean the system from the infection.
Bitdefender's Rootkit Removal Tool is a portable program for Windows to detect and remove several known rootkits and rootkit families from a system. It does not support automatic updates so that it is recommended to check the product homepage before you run scans to make sure you are running the latest version of the application.
The company should consider changing the status notification on clean systems to avoid consumer confusion.
Ghacks is a technology news blog that was founded in 2005 by Martin Brinkmann. It has since then become one of the most popular tech news sites on the Internet with five authors and regular contributions from freelance writers.