Rootkit threat in windows environment
After Microsoft Warns of New Security Threat System monitoring programs, called rootkits, may pose a serious danger to your PC. it is time to see what offering is available to protect our PCs…
A root kit is a set of tools used by an intruder after cracking a computer system. These tools can help the attacker maintain his or her access to the system and use it for malicious purposes. Root kits exist for a variety of operating systems such as #Linux, Solaris, and versions of Microsoft Windows. [WikiPedia]
The windows rootkit threat has never been so high as today: Rootkit creators turn professional
All major antivirus software are now starting to provide solutions with more or less sucess:
- Symantec Hacktool.Rootkit comprises a set of programs and scripts that work together to allow attackers to break into a system. If Hacktool.Rootkit is detected on a system, it is very likely that an attacker has gained complete control of that system. All files that are detected as Hacktool.Rootkit should be deleted. Infected systems may need to be restored from backups or patched to restore security.
- Sysinternal is a company more known for his hacking or developer tool, but they have been the first to give away a free rootkit revealer and detection program.
- F-Secure Corp has added rootkit-detection features to its product suite: F-secure Blacklist
- Microsoft Strider Ghostbuster is a future tool from the Giant.
The only problem is that the only solution is to restore your system by using a "non corrupted" os version (the problem is to have enough backup)…
Also do not forget to visit the biggest community (33 000 users) at www.rootkit.com