Hi Waldo,

As hackers have used these rootkits also against windows, and this is getting more into the open, there are popping up rootkit detectors, when this becomes a wider threat to window users. One such a tool is RkDetect, a small script and program written in Visual C++ 7.0 47104 bytes version 5.2.3790.0 CRC-32 38203ESA run sc.exe in Dos import table lib.4 imports kernel32.dll 20 msvcrt.dll 25 ADVAPI32.dll 28 ntdll.dll 2 imports You need ADVAPI32.DLL on your system, it list all hidden processes. Fine Russian program, but again it is a two-edged sword, because you can add hidden services too with this one. API-Spy is also helpfull. But the best evaluation method is interpretation from a CD with uncompromised files to evaluate.

Greetings,

polonus