Detecting rootkit with Sophos
Its been some time since I last came across a Sophos product until today. I have downloaded the free Sophos Anti-Rootkit and I was keen to see what rootkit if any it would find on my system.
Basically rootkits are a set of programs used to hack into a system and gain administrative-level access and once access is gained it can be used to monitor traffic and keystrokes and capture passwords and also create a backdoor into the system or the hacker's use. Anti-virus software don't normally detect rootkits which is why the Sophos tool came in handy for me.
I like the fact you get the option to scan running processes, Windows registry or local hard drives either independently or together. If you select all the three options then be sure to allow a bit of time if you have a lot of applications and files on your system. After the scan is complete the tool informs you of the suspect files and you either choose to keep them or remove them altogether. If are not so sure about the detected files and would like to know more about them then you can try and check with the Sophos website.
For the record the rootkit detection tool found nothing on my system which is good.