Winternals: Defragmentation, Recovery, and Administration Field Guide

Summary

In this age of rootkits and stealth technology, the use of effective system analysis tools is essential. The desire for financial gain has spawned an epidemic of cybercrime. Malware writers are in it for the money now, and simply breaking into a system is no longer a hacker's primary objective. Cybercriminals are a highly motivated and unscrupulous lot. Because all of us are vulnerable targets for a malware attack, our security consciousness has been raised considerably.

Process Explorer and Autoruns make an excellent adjunct to traditional security solutions such as antivirus and antispyware programs. They are not a replacement for these programs, but rather, are a complement to help you explore your system for signs of malware intrusion. Putting your system under such scrutiny allows you to identify and eliminate any resident infections in a timely manner.

Now that malware has become highly sophisticated, we need tools that let us thoroughly investigate suspicious activity and the physical evidence of malware penetration. Most rootkits achieve their stealth by installing kernel-mode drivers. Process Explorer can list all of the drivers on your system and their locations, and it lets you verify the digital signatures of those drivers through the Driver Properties dialog. By running Process Explorer with AntiHookExec, you can even list rootkit drivers; since they will not pass signature verification, unlike most other drivers, you can identify them more easily. Process Explorer and Autoruns together can help you spot and eliminate rootkit autostarts,...
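The driver-inventory and signature check described above, as an added example in PowerShell that is not from the book or the Sysinternals/Winternals tools: it enumerates registered kernel drivers, verifies each file's Authenticode signature, and reports those that do not verify. It assumes Windows PowerShell 5.1 or later on Windows, read access to the driver files, and that `Win32_SystemDriver.PathName` uses the NT-style prefixes handled in `Resolve-DriverPath`.

```powershell
# Added example (not from the book): list kernel drivers with their locations
# and flag any whose digital signature does not verify.

function Resolve-DriverPath {
    param([string]$RawPath)
    # Win32_SystemDriver.PathName may carry NT-style prefixes; normalise them to
    # a Win32 path before the signature check (assumption: these are the common
    # forms seen in practice).
    $p = $RawPath.Trim('"')
    $p = $p -replace '^\\\?\?\\', ''
    $p = $p -replace '^\\SystemRoot', $env:SystemRoot
    $p = $p -replace '^system32\\', "$env:SystemRoot\system32\"
    return $p
}

function Get-DriverSignatureReport {
    # Enumerate every registered kernel driver, as Process Explorer's driver
    # view does, and verify the Authenticode signature of each driver file.
    Get-CimInstance -ClassName Win32_SystemDriver | ForEach-Object {
        $path = Resolve-DriverPath $_.PathName
        if (Test-Path -LiteralPath $path) {
            $sig    = Get-AuthenticodeSignature -FilePath $path
            $status = $sig.Status.ToString()      # Valid, NotSigned, HashMismatch, ...
            $signer = if ($sig.SignerCertificate) { $sig.SignerCertificate.Subject } else { '' }
        } else {
            # A registered driver whose file cannot be opened deserves a closer
            # look: it may be stale, or its file may be hidden from user mode.
            $status = 'FileNotFound'
            $signer = ''
        }
        [pscustomobject]@{
            Name   = $_.Name
            State  = $_.State
            Path   = $path
            Status = $status
            Signer = $signer
        }
    }
}

# Report only drivers that fail verification. Caveat from the text: this
# enumeration trusts the OS APIs, so a rootkit that hooks them can hide its own
# driver from the list; that is why the book pairs Process Explorer with
# AntiHookExec rather than relying on a single view.
Get-DriverSignatureReport |
    Where-Object { $_.Status -ne 'Valid' } |
    Sort-Object State, Name |
    Format-Table -AutoSize
```

Unsigned or hash-mismatched entries are leads for further investigation, not verdicts; compare them against the Autoruns driver and service entries before removing anything.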
