Episode nine of Steve Gibson’s Security Now podcast covered rootkits. I thought I knew what a rootkit was, but I was wrong. As always, Steve’s podcast starts out very basic, but the latter halves normally teach someone of my level a few nuggets. This week is no exception: I learned that to be infected by rootkit technology means your operating system has been compromised, and as yet AdAware and cannot help. You can listen to the podcast or Google for more information on rootkits, but the most important point is that SysInternals have the only tool that can help.
SysInternals Root Kit Detectors will read your file system and registry without using high-level OS calls and compare the results with those returned by the OS calls. Any difference indicates that an OS call has been intercepted.
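The comparison step described above, as an added example (not code from the SysInternals tool or from the podcast). It assumes the two views have already been collected; all file and key names are constructed sample data, and the function and constant names are hypothetical.

```python
from dataclasses import dataclass

HIDDEN = "in raw view only: hidden from OS calls"
API_ONLY = "in OS view only: likely changed during the scan"

@dataclass(frozen=True)
class Discrepancy:
    kind: str    # "file" or "registry"
    name: str    # name as it appeared in the view that contained it
    reason: str

def _norm(name: str) -> str:
    # Windows paths and registry key names compare case-insensitively,
    # so a difference in case alone must not count as a discrepancy.
    return name.replace("/", "\\").rstrip("\\").casefold()

def cross_view_diff(kind, api_view, raw_view):
    """Compare what the OS calls reported with what a raw read found."""
    api = {_norm(n): n for n in api_view}
    raw = {_norm(n): n for n in raw_view}
    found = [Discrepancy(kind, raw[k], HIDDEN)
             for k in sorted(raw.keys() - api.keys())]
    found += [Discrepancy(kind, api[k], API_ONLY)
              for k in sorted(api.keys() - raw.keys())]
    return found

# Constructed sample views (assumption: gathered by two separate scanners).
API_FILES = [r"C:\Windows\System32\drivers\disk.sys",
             r"C:\Windows\System32\drivers\NTFS.SYS",
             r"C:\Temp\scan.tmp"]
RAW_FILES = [r"c:\windows\system32\drivers\disk.sys",
             r"C:\Windows\System32\drivers\ntfs.sys",
             r"C:\Windows\System32\drivers\example_hidden.sys"]
API_KEYS = [r"HKLM\SYSTEM\CurrentControlSet\Services\Disk"]
RAW_KEYS = [r"HKLM\SYSTEM\CurrentControlSet\Services\Disk",
            r"HKLM\SYSTEM\CurrentControlSet\Services\ExampleHidden"]

def scan():
    return (cross_view_diff("file", API_FILES, RAW_FILES)
            + cross_view_diff("registry", API_KEYS, RAW_KEYS))

if __name__ == "__main__":
    for d in scan():
        print(f"{d.kind:8} {d.name}  ({d.reason})")
```

Entries present only in the OS view are reported separately because a file created or deleted between the two reads produces a difference without any interception.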
Get the free tool here: http://technet.microsoft.com/en-us/sysinternals/bb897445.aspx
Security Now is here: http://www.grc.com/securitynow.htm