Dennis D. McDonald (ddmcd@ddmcd.com) consults from Alexandria, Virginia. His services include writing & research, proposal development, and project management.

Spy Sweeper Checks for Rootkits

by Dennis D. McDonald

One of the regular maintenance routines for my business laptop is running Webroot’s “Spy Sweeper” to detect and remove various spyware applications. Spy Sweeper is updated frequently, runs in the background, asks me about any new application being installed, and issues regular alerts. I supplement it by running Norton AntiVirus for viruses and CCleaner for Windows junk.

Spy Sweeper recently made an announcement about “rootkits.” No mention is made of Sony, but the careful wording of the announcement makes for interesting reading (please ignore the grammatical errors):

Spy News. The Newest Spyware Threat: Rootkits. Rootkits have been in the news a lot lately, but what exactly are they? A rootkit is a set of software tools frequently used by a malicious user after they gain access to a computer system. Rootkits conceal running processes, files or system data, which helps an intruder maintain access to a PC without the user's knowledge. Rootkits may hide the presence of spyware and other programs that monitor your online usage and keystrokes. Rootkits can also conceal backdoors that a malicious user may use to gain unrestricted access to your system. In other words, rootkits are capable of making your operating system more vulnerable to malicious code, like spyware programs, that may hide additional files on an infected computer. Spy Sweeper detects and removes certain applications that disguise files, including rootkits. Webroot feels that using an application to obfuscate software may subject a user's PC to malicious attack. If our threat research team determines that the rootkit presents a security threat to a user, we will detect and remove it.

I admit that this is one area that I’m going to have to take on faith. I have no desire to learn how to run a “rootkit revealer” on my own. Furthermore, if a potentially malicious problem is revealed, I’d rather trust someone else to remove it without having to ask me too many questions. If a product like Spy Sweeper is committing to take care of this for me, that’s great. But I will back up my system just in case there’s a problem…

 
