Sophos Anti-Rootkit is, judging by our download stats, one of our most popular free tools – helping computer users scan, detect and removes any rootkit that is hidden on their computer using advanced rootkit detection technology.
I’m delighted to say that we have now updated our free rootkit detection and removal tool to support 64-bit versions of Windows and the upcoming Windows 7.
Most of the Windows XP rootkits that we analyse in SophosLabs won’t work on Windows 7. This is especially true of the more advanced rootkits that usually do some very build/version-specific DKOM (Direct Kernel Object Manipulation).
There are some proof-of-concept rootkits around that have been specially written to work on x64 Windows 7, disabling or otherwise circumventing the secure driver loading system. Some of these were revealed at the recent BlackHat conference, for example. However, we have yet to see any of these in the wild. The same applies to rootkits targeting 64-bit versions of Vista and XP.
So, at the moment the rootkit threat on these platforms is not huge – but I reckon many of you would prefer to have a product ready in case you need it, rather than bumbling around looking for one when you have a possible emergency on your hands.
Remember, you don’t have to be an existing Sophos customer to use Sophos Anti-Rootkit. It can be run alongside any other computer security product you might be using if you want to double-check that there isn’t a rootkit lurking somewhere on your system.
Last time we had some news about Sophos Anti-Rootkit we broadcast a video of ourselves in black tie and ballgowns. The budget hasn’t stretched so far this time around, so just download the new version.