Grisoft Offers Free Rootkit Removal

Apr 11, 2007

Grisoft, makers of the popular AVG Antivirus, today released a free tool specifically aimed at eliminating malicious software that hides itself using rootkit techniques.

Rootkits typically subvert the Windows file system and Registry so as to hide their files from the operating system and from security software that relies on the operating system when searching for traces of malware. Grisoft conducted six months of public beta testing before releasing AVG Anti-Rootkit, to ensure that it removes malicious rootkits without affecting legitimate hidden processes.

AVG Vice President Larry Bridwell explained that AVG Anti-Rootkit was developed to "detect and destroy rootkits effectively, without bothering users with false alarms." He noted that rootkits "were originally used by hackers to cover their tracks after unauthorized access to computers. Today, these techniques have been redesigned in order to mask the presence of malicious software used to gather and exploit personal information…."

I ran a quick test using a half-dozen rootkit-based malware samples. AAR cleaned up the first batch effectively using its ordinary "Search for rootkits" scan. It didn't report on hidden Registry data or on every hidden file, but after its removal process all leftover files and Registry data were exposed for removal by ordinary antivirus software. As AAR frequently points out, for full protection you'll also need real-time protection against malware installation and a complete malware scan-and-clean tool.

One of the malware samples in the second batch resisted AAR's removal; either that or it managed to reinstall its rootkit code immediately after removal. A double-check scan with Microsoft's RootkitRevealer confirmed the problem. Still, this handy freebie will be a nice addition to your security arsenal. Look for a full review shortly.

Copyright 2007 by Ziff Davis Media, Distributed by United Press International
