"The bad guys are spending a lot of time trying to hide their work from simpler tools, but we can still see these programs making their calls, and we've already used the tool to find several new variations that we weren't previously aware of," he said. "We use a variety of means to detect processes, files, and registry keys that might otherwise remain hidden, and to bypass cloaking techniques employed by the rootkit authors."
In passing out Rootkit Detective to consumers and businesses free of charge, McAfee is hoping that, as with SiteAdvisor, people will actively use the application to submit virus samples to Avert Labs.
After analyzing any new attacks, McAfee will create a signature for any rootkits it tracks and channel that information into its other client security products.
"Gathering information in this manner is a very effective way for us to get a handle on threats we haven't seen before, and it should get new kits flowing in that we can begin researching to adapt to throughout our product lines," Telafici said. "It's great to be able to offer something valuable for end-users that can really help protect them, while allowing us to find new attacks and develop technologies to address for our customers."
The Rootkit Detective launch underscores recent efforts by anti-virus providers to release technologies for fighting the most complex, cutting-edge attacks that hackers are aiming at users.
Last week, rival Symantec introduced a beta version of its Norton AntiBot program, which is designed to thwart the growing problem of PC-hijacking botnet attacks. However, unlike McAfee's latest offering, AntiBot is a for-pay product that will retail to consumers for less than $30.