Five free portable rootkit removers

The second you suspect a rootkit, action must be taken immediately. Here are five apps that can help.

If you've been at the IT game long enough, you have encountered a rootkit. Rootkits are some of the nastiest malicious software because they hide the presence of other malicious software. This obfuscation can lead to spam bots and plenty of other nasty surprises. One of the issues with standard anti-virus tools is that they cannot find and remove rootkits. And the second you suspect a rootkit, action must be taken immediately.

What better way to attack quickly than a piece of portable software? And if that portable software is specific to rootkits, you're way ahead of the game. But what apps are available and, of those apps, which ones are up to the task at hand? I've gone through a number of such tools and found what I believe to be some of the best of the free portable rootkit removers. Get ready to download!

This Five Apps blog post is also available as a TechRepublic Photo Gallery.

Five Apps

1. Sophos Anti Rootkit

Sophos Anti Rootkit is a powerful rootkit removal tool that scans, detects, and removes rootkits. Unlike many of the other rootkit removers, Sophos allows you to select where it looks. By default it will scan the registry and local hard drives. Once the scan is complete, Sophos will display its results. It is crucial that you carefully scan through the results to make sure you are not deleting anything necessary. Also, Sophos does require an install, but you can install it on your USB stick and run it from there.

2. Kaspersky TDSSKiller

Kaspersky TDSSKiller is probably one of my top picks for this task. Not only is it great at detecting rootkits, it has an incredibly simple-to-use interface and is lightning fast at scanning. Although Kaspersky TDSSKiller might be a bit more limited in the number of rootkits it can find, its success rate outshines most other tools. This tool should be used in conjunction with other rootkit and anti-virus tools.

3. Avast aswMBR

Avast aswMBR looks like an old-school terminal window. Don't be fooled - this tool packs a powerful punch. One feature this tool has, that most others do not, is the Fix MBR feature. With this you can specifically target the Master Boot Record of the PC. Avast aswMBR also allows you to download the latest virus definitions from Avast. This means you don't have to constantly download the latest version of the tool onto your USB drive.

4. GMER

GMER is another top pick that can easily outperform all other tools in its class. The one caveat to this software is that it does require a bit of knowledge to interpret the results. This tool isn't one you simply click and disinfect. You let the tool scan, you pore over the results, and you decide what should be repaired/removed. GMER is the tool you should have in your toolkit for when you run across more stubborn infections.

5. Bitdefender Anti Rootkit

Bitdefender Anti Rootkit comes from the maker of one of my favorite antivirus tools. This tool should actually be renamed (as it has been on the actual UI) Bitdefender Bootkit, as it scans for (and removes) all known bootkits (rootkits that load into the MBR). Bitdefender Anti Rootkit can remove probably the widest range of threats, which makes it another top choice. This tool also offers an incredibly user-friendly interface.

Bottom line

A rootkit removal tool is one you hope you never have to use. But when the unwanted happens, make sure you have at least one of these tools on hand to take care of the issue - otherwise you might be faced with an operating system re-install!

About

Jack Wallen is an award-winning writer for TechRepublic and Linux.com. He’s an avid promoter of open source and the voice of The Android Expert. For more news about Jack Wallen, visit his website getjackd.net.

11 comments
aTechMate

Hitman Pro could have been on the top of the list, I guess, had the topic been "five [s]free[/s] portable rootkit removers".

PCcritic

Ravi said: "Very nice article... Wish I could take a printout of the text portion and keep or as a pdf. " Ravi: First, click on the line near the beginning of the article that says "This gallery is also available as a post in the TechRepublic Five Apps Blog." That will give you a nice, printable version. Then you should get some nice PDF software such as Nuance PDF Convert Pro which will print to PDF. I have been using it for years.

ravi

Very nice article... Wish I could take a printout of the text portion and keep or as a pdf. Can you add a print button on the page?

garyfizer

As more of a casual user I don't run into rootkits much. I first heard of rootkits because of Sony slipping them into their products years ago. The thing is, when Sony got called out on it, I think they had already done it a couple of years earlier and got away with it! Back when the Playstation was getting started there was an emulator called Bleem. Sony hounded them out of business in court. They didn't win in court, but they drove the company out of business due to the costs of litigation (sound familiar?). When Bleem came out you ran the install disk, loaded a Playstation game and played it on your PC just like a console. Soon after they started the court case, if you loaded a Playstation disk produced later, Bleem wouldn't work! Even earlier titles that had worked before wouldn't. Only way to get them to work again was to reinstall your OS! I looked back on this years later and thought, Hey, that's a rootkit. I believe I'm right but I'm not sure. All I know for sure is it turned me from a LONG time fan of Sony into someone who has boycotted their products ever after!

fishcad

I have WinXP on two desktops and Win7 on a laptop. Is there one of the two versions of the Bitdefender app that will work on both systems?

Michael Kassner

Has an anti-rootkit beta out, and MBAM's track record suggests that it will become the product of choice.

Mark W. Kaelin

When was the last time you had to remove a rootkit? What tool did you use?

YetAnotherBob

I have been using Libre Office for about a year now. It prints to PDF as an export option. I also use it to fix some MS Word documents with stubborn format problems. Most MS Office users never know that the documents I send them were produced on a non Microsoft product. It's free. The downside is that the Calc spreadsheet isn't as powerful as Excel. The Data Base, though, is better than Access. Just don't install it with the Java data base. I prefer MySQL or Postgres. (It can be set to use most any database.) For many uses, its use of Java for macros can be quite powerful. But, then, I left Basic behind around 15 years ago.

Gisabun

Most rootkit killers have a single version whether 32 or 64-bit and whatever Windows OS.

aTechMate

MBAM is worth a mention here as it detects a lot of different types of rootkits and malware. Now Malwarebytes have come up with Malwarebytes Anti-Rootkit (MBAR), as they are calling it, which works super. However, in the list above I am missing Hitman Pro.