Bitdefender Rootkit Remover
Update (Aug 2019): Bitdefender Rootkit Remover has reached End-of-Life and is not actively maintained anymore. Its functionality has been integrated in Rescue Mode, an environment that allows you to scan and disinfect all existing hard drive partitions inside and outside of your operating system.
The Bitdefender Rootkit Remover deals with known rootkits quickly and effectively, making use of award-winning Bitdefender malware removal technology. Unlike other similar tools, Bitdefender Rootkit Remover can be launched immediately, without the need to reboot into safe mode first (although a reboot may be required for complete cleanup).
Rootkit Remover deals easily with Mebroot, all TDL families (TDL/SST/Pihar), Mayachok, Mybios, Plite, XPaj, Whistler, Alipop, Cpd, Fengd, Fips, Guntior, MBR Locker, Mebratix, Niwa, Ponreb, Ramnit, Stoned, Yoddos, Yurn, Zegost and also cleans infections with Necurs (the last rootkit standing). Please note that the list is a bit outdated – new rootkit families are added as they become known.
Both x86 and x64 Rootkit Remover kits are available; please choose the appropriate one for your system from the right side.
New to Rootkit Remover? Not sure what to expect? Here are some quick questions and answers.
Q: It claims to have finished in three seconds. What?
A: The checks it makes are indeed very rapid. You can rest assured though, they are not less thorough for it.
Q: This thing didn’t scan my system for viruses!
A: Not a question, but yes. Rootkit Remover finds and disables several families of particularly dangerous rootkits, mostly of the sub-type called ‘boot-kit’ – namely rootkits which mess with the boot-up process (usually by modifying the MBR) to survive between reboots and regain control of the affected machine after each startup.
Q: When will you add detection and removal for rootkit x?
Q: When will you add detection/removal for virus/worm y?
A: Never, unless it has a rootkit component that we’re interested in.
Q: Why doesn’t this tool work in Safe Mode?
A: Certain restrictions of the Safe Mode prevent the filesystem-checking functionality from operating – at all. This is a known limitation, not a bug and cannot be circumvented.
Q: This tool just broke my computer and now my SO won’t talk to me anymore, I’m late with a work assignment and I have to re-install Windows! What to do?
A: This tool is provided as is, without any explicit or implied guarantees of any kind (limitations may apply depending on jurisdiction). Try to retrieve the logs (if any were generated) and send them to firstname.lastname@example.org. We might be able to help, or at the very least we’ll write a cautionary tale about your predicament and post it online.