[Windows] 13 top best free rootkit removal (anti-rootkit) programs

Malware is bad. No one likes malware. Rootkit is one of the worst forms of malware because rootkits hide themselves “under” or “within” the Windows operating system, making harder to detect and remove than other types of malware. Because of this, rootkit is one of the only forms of malware that has specialized removal software, known as anti-rootkit programs.

Now that doesn’t mean security suites and anti-virus programs don’t have anti-rootkit capabilities built in; in fact, most security suites and anti-virus programs do indeed have anti-rootkit protection built into them. Rather, what I mean to say is there is a special class of software out there that specialize in removal of rootkits, aka anti-rootkit programs. And we have compiled a list of nine free anti-rootkit programs for you to pick from. Enjoy!

13 TOP BEST FREE ANTI-ROOTKIT SOFTWARE FOR WINDOWS XP, VISTA, 7, AND 8

AVG Anti-Rootkit

avg_anti_rootkit_screenshot_from_softpedia

Panda Anti-Rootkit

panda_anti_rootkit_screenshot_from_softpedia

F-Secure BlackLight Rootkit Detection

f-secure_blacklight_rootkit_detection_screenshot_from_softpedia

Vba32 AntiRootkit

vba_31_antirootkit_screenshot_from_softpedia

Sophos Anti-Rootkit (now known as Sophos Virus Removal Tool)

sophos_virus_removal_tool_screenshot_from_softpedia

Malwarebytes Anti-Rootkit

malwarebytes_anti_rootkit_screenshot_from_softpedia

aswMBR

aswMBR_screenshot

Bitdefender Rootkit Remover

bitdefender_rootkit_removal_tool_screenshot_from_softpedia

Comodo Cleaning Essentials

comodo_cleaning_essentials_screenshot_from_softpedia

GMER

gmer_screenshot

Kaspersky TDSSKiller

kaspersky_tddskiller_screenshot_from_softpedia

Dr.Web CureIt

dr_web_cureit_screenshot

Microsoft Malicious Software Removal Tool

microsoft_malicious_software_removal_tool_screenshot_from_softpedia

WHICH ONE IS THE TOP BEST FREE ANTI-ROOTKIT TOOL?

Before we delve into which one is the “best”, it should be noted no anti-rootkit tool is perfect. Because of the way rootkits work, it is very possible that anti-rootkit program A is unable to remove rootkit Z but can remove rootkit Y while anti-rootkit program B is unable to remove rootkit Y but can remove rootkit Z. In other words, it is always good to have multiple anti-rootkit utilities at your disposal because they cover each others weaknesses.

However, that doesn’t mean all anti-rootkit programs are equal. Indeed, some anti-rootkit programs are better than others. So which is the best?

Well, immediately thrown out of the race are AVG Anti-Rootkit, Panda Anti-Rootkit, F-Secure BlackLight Rootkit Detection, Vba32 AntiRootkit, and Comodo Cleanning Essentials. Why? Because these five programs are no longer actively developed and will only remove old(er) rootkits. That leaves Sophos Anti-Rootkit, Malwarebytes Anti-Rootkit (which is still in Beta), aswMBR (which is based on GMER technology), Bitdefender Rootkit Remover, GMER, Kaspersky TDSSKiller, Dr.Web CureIt, and Microsoft Malicious Software Removal Tool in the race.

Out of these eight anti-rootkit programs, the top four are Sophos Anti-Rootkit, Malwarebytes Anti-Rootkit, aswMBR, and Kaspersky TDDSKiller. Of these anti-rootkit programs, all four programs are ones that you want to keep in your anti-rootkit toolkit because, as I mentioned previously, no one anti-rootkit program can remove rootkits. That being said, unfortunately, Sophos Anti-Rootkit and Kaspersky TDDSkiller haven’t yet been updated to officially work with Windows 8 (they may still work with Windows 8, but Windows 8 isn’t officially supported by them). So Malwarebytes Anti-Rootkit ranks on the top of my list as the top best free rootkit removal program, followed by aswMBR, Kaspersky TDDSkiller, and Sophos Anti-Rootkit.

CONCLUSION AND DOWNLOAD LINKS

In this article, we have listed 13 free rootkit removal programs for Windows XP, Vista, Windows 7, and Windows 8. Wether you decide to download our top picks or any other on this list, we hope these programs will help you stay safe.

The download links for each program can be found below.

AVG Anti-Rootkit download page

Panda Anti-Rootkit download page

F-Secure BlackLight Rootkit Detection download page

Vba32 AntiRootkit download page

Sophos Anti-Rootkit download page

Malwarebytes Anti-Rootkit download page

aswMBR download page

Bitdefender Rootkit Remover download page

Comodo Cleaning Essentials download page

GMER download page

Kaspersky TDSSKiller download page

Dr.Web CureIt download page

Microsoft Malicious Software Removal Tool

Share this post

Comments

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

13 comments

  1. Bob

    Stay away from the Sophos! I’m one of those weird guys who actually reads the information before installation. If you accept the agreement, you grant Sophos the right to take personally identifiable information – like your name and email – and publicly use your name as one of their supporters! There appears to be NO privacy if you accept their terms.

    I would have installed their program, but not under these circumstances!

  2. Mark

    Many thanks for this useful overview. You only talk about *removing* toolkits, not *detecting* them, so I’m not sure now if many toolkits can only be detected in the first place by one or the other of these anti-toolkit programs, or if good AV programs can detect most rootkits even if they may not be able to remove them.
    In other words, do I only need to bother with these tools if a rootkit has already been detected by my AV (which happens to be avast!), or would you suggest to scan the system regularly with your top recommendations even if the AV gives no warnings?

  3. WildCat

    Prevx got bought out and “joined” into a paid program, so can understand it not being here. But I thought I might see RADIX, RootRepeal or Trend Micro RootkitBuster mentioned?

    RADIX http://www.usec.at/rootkit.html

    RootRepeal https://sites.google.com/site/rootrepeal/ ( Original site?)
    http://www.bleepingcomputer.com/download/rootrepeal/ ( New Beta )

    Trend Micro RootkitBuster
    http://www.bleepingcomputer.com/download/trend-micro-rootkitbuster/

  4. devnullius

    [@davidroper]
    Ashraf did just that: narrowing it down with iron logic. I immediately copy pasted it to another forum! So yeah, thank you for a great summary. And you are right: there is no single winner. Too bad. Combofix uses asw too, I believe.

  5. Giovanni

    Hey Ashraf,
    besides Comodo Rescue Disk (http://www.comodo.com/business-security/network-protection/rescue-disk.php) also try a freeware called “OSHI Unhooker” .

    In fact, although you didn’t mention it in your review, it’s in my view a terrific FREE APP against rootkits, since it uses extremely complex and unique heuristics algorithms and indepth system analysis in order to detect and remove any kind of rootkits out there, including the unknown ones:

    http://www.oshiunhooker.com/index.php

  6. davidroper

    Ashraf, your article reminds me of the time when a female neighbor came to my house and told me that all the women in the neighborhood had gotten together and voted me the second best looking and sexy guy in the neighborhood.

    I was feeling pretty good about it and so I asked her, “Well, who came in first place?”

    She said “all the rest of the men.”

    So we have 13 contenders for “best unrooter” and no leader? Really? Gimme two or three at least to use. I don’t have time to run 13. I have to move to a new neighborhood where the competition is not as good for best looking man.

  7. Mr.Dave

    So which of these programs is usable by mere mortals?

    I’ve “tried” lots of rootkit detectors and removers. Most of them gave me a list of 2 or 3 *hundred* files and said there *might* be a rootkit hiding in there someplace.

    Tried MalwareBytes mbar last weekend. Ran it in Safe Mode (no network) and it said it couldn’t load a dll file, might be a rootkit blocking it. Ran it again in Safe Mode (with networking) and it found nothing.

    I still refuse to play any disc from Sony on my PC because of the rootkits they used to install. But I seem able to get the happy feeling that I have no rootkits on my PC. It slows to a crawl at times, Anvir tells me disk C: is at 100% read/write activity, yet it shows no significant process using it. Scans from MalwareBytes, Advanced System Care, MS Security Essentials and others never show any problems…