Don't expect too much from Rootkit Remover
Bitdefender Labs has released Bitdefender Rootkit Remover, a free stand-alone tool for dealing with known rootkits.
The company report that Rootkit Remover can remove infections from a wide range of threats, including Mebroot, all TDL families (TDL/SST/Pihar), Mayachok, Mybios, Plite, XPaj, Whistler, Alipop, Cpd, Fengd, Fips, Guntior, MBR Locker, Mebratix, Niwa, Ponreb, Ramnit, Stoned, Yoddos, Yurn, Zegost and Necurs, amongst others.
The program’s emphasis is very much on simplicity. There’s no installation required, no need to worry about compatibility with other security products, and no lengthy running times, either. Just click “Start Scan” and Rootkit Remover checks for specific signs of infection by known rootkits. If anything is found, it’ll be removed; and if your system is clean, the scan could be over in less than a second.
You shouldn’t expect too much from Rootkit Remover, then. It doesn’t perform any kind of general analysis to help you detect and remove brand new threats, and of course it can’t stop you from being infected in the first place (so is no substitute for a regular antivirus engine). This is really just about providing a single dedicated tool to quickly remove malware which Bitdefender knows about already.
Still, this isn’t in itself a bad thing. If you think you might be infected by a rootkit and your current antivirus engine hasn’t raised an alert, then there’s no doubt that this new tool provides a very quick and easy way to get a second opinion, and perhaps solve the problem entirely. Especially as the official Bitdefender Labs blog post on the release suggests it’s going to be regularly updated, with support for tackling “new rootkit families… added as they become known”.