Blacklight

I am sure most people running *nix are familiar with rootkit detectors, but now that rootkits are targeting Windows boxes, and current antivirus and trojan hunters don't detect them there, a few new rk checkers for Windows are coming out.
F-Secure has one in beta, free until July 1, 2005, called Blacklight. It's fast and effective.
Microsoft has one as well, called Ghostbuster, that comes in 3 flavors.
Sysinternals' version is called RootkitRevealer and is now very capable, after changing the way it's called to run. It uses a randomly named copy of itself to thwart attempts at targeting it.

Check them out, see what works for you, and add one to your arsenal. The best offense is a good defense.

I did a search but didn't see anything on this, so just wanted to bring it out. The May 10th issue of PCmag has an article on Windows Rootkits if anyone has it.