Title: Free anti-rootkit tool from Sophos
Increasing numbers of manufacturers are realising that standard anti-virus software protection measures are inadequate against rootkits. Now anti-virus software manufacturer Sophos has provided a tool for detecting and removing rootkits. The program searches for processes, registry entries and files which are not shown via normal Windows API calls. However, it is only possible to remove a detected rootkit once it has been unambiguously identified.
As well as a graphical version, Sophos has also provided a program which can be operated from the command line. In an initial function test by heise Security, the anti-rootkit program recognised an adapted version of the Sony-BMG-Rootkit. The copy protection hides files, folders, processes and registry entries which begin with a specific sequence of characters. Viruses, which are then often no longer detected by standard anti-virus programs, can also hide beneath this disguise. Bitdefender and F-Secure already offer similar tools.
(ehe)