Finding and removing a rootkit

Rootkits are relatively easy to install on victim hosts. To upload a rootkit, a determined attacker can do everything from exploit a Windows vulnerability to crack a password or even obtain physical system access. They can even con users into running an executable file in an email attachment or via a hyperlink distributed via email or instant messaging. Once they're in place, as you're likely to find out, rootkits aren't so easy to find or get rid of.

The rootkit threat is not as widespread as viruses and spyware. Given this fact, and the lack of a truly effective rootkit prevention solution, handling rootkits is largely a reactive process.

Here are various techniques and tools for finding rootkits and removing them from your systems if you suspect an infection...Step-by-Step Guide: Finding and removing a rootkit

Linked by shanmuga Friday, 20th October 2006 8:11AM