Enterprise anti-virus vendor Sophos on Aug. 23 released a free rootkit detection and removal tool alongside a warning that the stealthy malware threat is a legitimate security concern for businesses.
Sophos, of Lynnfield, Mass., said its rootkit cleaner offers an easy-to-use interface to scan all running processes, local hard drives and the Windows registry for rootkits.
The company joins a growing list of Internet security vendors adding rootkit-scanning capabilities to their product lines. Finnish anti-virus outfit F-Secure offers the BlackLight rootkit clean-up utility, while BitDefender and others are beta testing similar offerings.
Rootkits are programs that are used to give a remote user persistent access to a compromised system while avoiding detection from security scanners.
Now the company has released a free scanner that promises to identify known rootkits and selects, by default, malicious files for removal. Sophos said the tool will remove the rootkit component of the malware without compromising OS integrity.
The rootkit detection and clean-up tool will allow users to remove unidentified hidden files, but does not allow removal of essential system files when hidden by an identified rootkit.
Once the user runs a scan, Sophos said the screen prompts the user through the necessary steps until every rootkit has been removed.
Comments