McAfee's Rootkit Detective debuts today, a free tool designed to disinfect PCs of malware.
Rootkit Detective 1.0 has been designed and developed by McAfee to proactively detect and clean rootkits on PC systems. It is, says McAfee, not dependent on any signatures and can proactively detect most existing and upcoming rootkits and allow the user to clean them.
The Rootkit Detective tool has the following features:
- Designed to proactively detect system objects such as processes, files and registry entries that are hidden from the user.
- Provides information about all running processes in the system.
- Provides information about various system hooks, such as SSDT (System Service Descriptor Table) hooks and user/kernel IAT/EAT (Import/Export Address Table) hooks.
- Allows the user to clean or remove malicious objects from the system by renaming or deleting the hidden files or registry entries.
- Allows the user to terminate the malicious processes.
- Users can submit samples using the submission feature present in the tool.
- Users can also collect the samples manually after renaming them and submit them to firstname.lastname@example.org for further analysis.
Extra spyware protection
"Rootkit Detective offers the most comprehensive rootkit detection capabilities available today," says Ahmed Sallam, lead research architect at McAfee. "We have achieved extremely high levels of accuracy, using various techniques to find anything that hides itself on a computer."
Rootkits themselves are becoming increasingly sophisticated, and these malware programs often don't attack a PC directly. Instead, they are often used to cover up other malware that may be running on a computer system.
Rootkits can often mask the work of keystroke-loggers, for example, that are designed to steal passwords and other personal information.
According to McAfee, the number of rootkits hit 3,284 last year and has already more than doubled in the first half of this year to 7,325. Since the initial trial release of Rootkit Detective in January, the application has been downloaded over 110,000 times.