Rootkit is one of the nastiest malware you don’t want to get hit by in the first place. Because once you do and got it slipped into your system, it’s really hard to completely remove it. Often time, you will end up re-formatting your machine and re-installing everything from scratch.
Here, I list 5 Rootkit removal tools that give you the best chance to clean up the mess, in case you, unfortunately, got hit one of them. If you are the vendor who happen to stumble upon this page and couldn’t locate your product, please leave a comment in the below of this post. We are more than happen to reach out and do a review for it.
Malwarebyte Anti-Rootkit has the strong detection technology to detect the nastiest malicious rootkit. I particularly like its cleanup process which not only removes the found rootkits but also verifies your system’s security functionality, such as Internet Access, Windows Firewall, and Windows Update, and makes sure they are working well after the cleanup.
You can also check out our review here.
BitDefender Rootkit Remover
Bitdefender Labs, the leading security software provider, recently released a product called Bitdefender Rootkit Remover that is specifically designed to deal with known rootkits quickly and effectively within seconds, thanks to its award-winning Bitdefender malware removal technology.
Bitdefender Rootkit Remover can be launched immediately without going to the safe mode first. However, you may still be prompted to do a reboot in order to carry out a complete cleanup. The rootkits known to this tool includes Mebroot, all TDL families (TDL/SST/Pihar), Mayachok, Mybios, Plite, XPaj, Whistler, Alipop, Cpd, Fengd, Fips, Guntior, MBR Locker, Mebratix, Niwa, Ponreb, Ramnit, Stoned, Yoddos, Yurn, Zegost and also cleans infections with Necurs (the last rootkit standing). And the new rootkit families are added as they become known.
You can also check our own review of this product here.
McAfee Rootkit Remover
Made by McAfee, one of the leading anti-virus provider, McAfee Rootkit Remover is a stand-alone utility used to detect and remove complex rootkits and associated malware. Currently it can detect and remove ZeroAccess and TDSS family of rootkits. McAfee Labs plans to add coverage for more rootkit families in future versions of the tool. You can download and run it directly on your system. It runs much like a command line in a Command Prompt window, going through 3 quick stages, initialing, scanning, and cleaning, to identify and clean up the mess if it finds any.
Kaspersky, if the name is familiar to you, also has its own standalone product called TDSSkiller that’s designated to remove the nasty rootkits. It works for Windows Vista and above, including 7, 8, and 8.1. So far, the utility is designed to detect and remove known rootkits, such as TDSS, SST, Pihar, ZeroAccess, Sinowal, Whistler, Phanta, Trup, Stoned, RLoader, Cmoser, Cidow), and rootkit-like anomalies. Note that before you start the scanning process, save all your work, as a reboot may be required after the disinfection.
Sophos Rootkit Removal
Sophos also offer a Rootkit Removal tool, as part of its full package of Virus Removal Tool, which is also free. Therefore, it scans, detects, and removes not only rootkits, but also other malware, known viruses too. You do need to download and install this free virus removal tool but you can run it alongside very well with the existing anti-virus software you are using. Since it’s a full package of virus removal tool, the scanning, and cleaning process would be longer than other dedicated rootkit removal tools.
Rootkits are not only nasty but also very sneaky. You don’t usually notice it until a while later when you notice the difference you are using your computer. So it’s highly recommended saving the tools mentioned above into your portable toolbox such as flash drive and running it through regularly on your system. It’s hard to say which tool is the best and most efficient but running them one at a time in rotation might be a good strategy to use.
Last updated: 08/04/2014