Manage Learn to apply best practices and optimize your operations.

Step 4: Bulletproof your efforts

It's difficult -- but not impossible -- to be totally sure that your system is 100% rootkit free, says Windows security expert Kevin Beaver. In this step-by-step guide, Beaver shows you how to strengthen your Windows systems against the rootkit threat.

To truly bulletproof your rootkit detection and cleanup process, make sure you always read the current user instructions for your scanning tools to see what special steps you need to take before, during and after the clean-up process. Then, after you've found and cleaned a rootkit, rescan the system once you reboot to double-check that it was fully cleaned and the malware hasn't returned.

As of now, rootkit infections typically occur in targeted attacks, but given the way things have progressed with malware in the past decade, I wouldn't be surprised to see this as a widespread problem in the future. As always, the bad guys are using their knowledge and technical skills to stay a step or two ahead.

Still a little paranoid about rootkit infections? Want to be sure your system is truly clean? The best and most reliable method is to repartition, reformat and reload Windows. It's painful, but it's really the best way to go if you really need some closure.


Finding and removing a rootkit

 Home: Introduction
 Step 1: Is there a problem
 Step 2: Choose the right scanning tool
 Step 3: Clean up the mess
 Step 4: Bulletproof your efforts
About the author:
About the author: Kevin Beaver is an independent information security consultant and expert witness with Atlanta-based Principle Logic, LLC. He has more than 18 years of experience in IT and specializes in performing information security assessments revolving around compliance and IT governance. Kevin has written six books, including Hacking For Dummies (Wiley), Hacking Wireless Networks For Dummies, and The Practical Guide to HIPAA Privacy and Security Compliance (Auerbach). He can be reached at kbeaver@principlelogic.com. Copyright 2006 TechTarget

Dig Deeper on Network intrusion detection and prevention and malware removal

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.

-ADS BY GOOGLE

SearchVirtualDesktop

SearchWindowsServer

Close