Subscribe
  • Home
  • /
  • Security
  • /
  • Sophos introduces enterprise malware removal tool

Sophos introduces enterprise malware removal tool


Johannesburg, 27 May 2016

Sophos has launched Sophos Clean, the latest addition to its Enduser protection portfolio of advanced malware detection, remediation and removal software. The signature-less technology uses progressive behaviour analytics, forensics and collective intelligence to discover and remove code from zero-day threats, Trojans, rootkits, polymorphic malware, irritating cookies, spyware and adware.

Built on technology acquired from SurfRight in December 2015, Sophos Clean represents the next generation of malware detection and removal tools that can detect known and unknown threats. The on-demand scan does not need to be installed, which is particularly useful in cases of ransomware infection or in situations where malware is manipulating installed security software.

"The need for next-generation endpoint protection that doesn't rely on signatures is long established," says Brett Myroff, MD of Sophos distributor, Netxactics. "Zero-day threats and some ransomware, like Cryptolocker, can only be detected by the integrated capabilities of exploit prevention, behaviour analytics and pre-execution heuristics, as built into Sophos's endpoint protection software, for example."

He adds that Sophos Clean can complement any installed anti-malware software by providing a second opinion on suspected files. "With a minimal footprint and fast scan, Sophos Clean will quickly identify and remove all residual traces of malware."

Resilient malware attacks critical system files or boot records to manipulate Windows and anti-virus software - even before the operating system boots. Sophos Clean can remove persistent threats from within the operating system and replace infected Windows resources with safe original versions. Reinfection attempts are proactively blocked until threat remediation has finished.

Today's malware is persistent by design: difficult to detect, difficult to remove and difficult to recover from. "Sophos researchers are seeing an ever increasing sophistication of malware, both the techniques being used and the heavy use of automation. Polymorphism is becoming the norm, and previously unknown malware is on the rise. These attacks, once active on your system, embed themselves deeply using multiple techniques to ensure long-term persistence. Using the latest removal technology, Sophos Clean is able to remove all fragments of a malware infection and return the system to a pristine state," Myroff says.

Sophos Clean is an on-demand malware scanner of just 11MB and can be started directly from a USB flash drive, CD/DVD or network attached storage device. The tool can scan and remediate without leaving a footprint on the local system. A typical scan with Sophos Clean takes less than five minutes because it can immediately distinguish safe applications from malicious software through advanced behaviour analysis and verification of content with a database of trusted applications. This also dramatically reduces the instances of false positives, which some other signature-less malware detection tools have struggled to achieve.

Key features include:

* Zero-day, unknown and ransomware threat detection;
* Removal of all traces of malware, rootkits, RATs, polymorphic attacks; and
* De-cloaking of malware that is manipulating kernel, memory and other system elements.

A 30-day free trial of Sophos Clean is available from the Sophos Web site. Sophos Clean is affordable for companies of all sizes and has a minimum purchase of five licences with bundle options available with Sophos Endpoint Protection.

Share

NetXactics

Established in 1998, NetXactics is a South African company that specialises in sales, marketing and distribution of IT and related products. Its approach is unique, focusing on long-term growth coupled with exceptional customer stability. NetXactics has attained a level five generic BEE rating.

Editorial contacts

Adriaan du Plessis
Me Talk Pretty
(011) 782 1345
adpl@telkomsa.net