Grisoft, makers of the popular AVG Antivirus, today released a free tool specifically aimed at eliminating malicious software that hides itself using rootkit techniques.
Rootkits typically subvert the Windows file system and Registry so as to hide their files from the operating system and from security software that relies on the operating system when searching for traces of malware. Grisoft conducted six months of public beta testing before releasing AVG Anti-Rootkit, to ensure that it removes malicious rootkits without affecting legitimate hidden processes.
AVG Vice President Larry Bridwell explained that AVG Anti-Rootkit was developed to "detect and destroy rootkits effectively, without bothering users with false alarms." He noted that rootkits "were originally used by hackers to cover their tracks after unauthorized access to computers. Today, these techniques have been redesigned in order to mask the presence of malicious software used to gather and exploit personal information…."
I ran a quick test using a half-dozen rootkit-based malware samples. AAR cleaned up the first batch effectively using its ordinary "Search for rootkits" scan. It didn't report on hidden Registry data nor on every hidden file, but after its removal process all leftover files and Registry data were exposed for removal by ordinary antivirus software. As AAR frequently points out, for full protection you'll also need real-time protection against malware installation and a complete malware scan-and-clean tool.
One of the malware samples in the second batch resisted AAR's removal; either that or it managed to reinstall its rootkit code immediately after removal. A double-check scan with Microsoft's RootkitRevealer confirmed the problem. Still, this handy freebie will be a nice addition to your security arsenal. Look for a full review shortly.
Copyright 2007 by Ziff Davis Media, Distributed by United Press International