Historically, rootkits haven't gathered much press or attention compared to other viruses or spyware, but the Sony BMG fiasco of a few years back shone some light on the technology. Rootkits are like the sophisticated big brother of viruses and trojans. At the end of the day their purpose is largely the same, but rootkits are by definition much harder to detect and eradicate. Without getting in too deep technically, rootkits infect their host computer systems at a very low level. This allows them to obscure their existence: if you brought up a process list in Windows you wouldn't find an entry for the rootkit. Because of this stealth, it is equally difficult for anti-virus software to detect the problem. Anti-virus works closely within the Windows framework, and if Windows isn't aware of a process's execution it can't coordinate with the anti-virus software to remove anything.

Codewalker is a free rootkit detection tool written by an individual at the highly technical Sysinternals Forums. The author cautions that it is very much a work in progress, but since it is constantly being updated it already detects many different types of rootkits.

[Screenshot: Codewalker]

The single executable can be run on demand; it begins with a deep system scan lasting a few minutes before displaying the user interface for further analysis. In its current state, Codewalker can:

  • Detect hidden processes
  • Detect hidden drivers
  • Detect hidden files (NTFS only)
  • Detect hooks in both kernel mode and user mode
  • Run on English Windows 2000/XP/2003/Vista/2008
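
The first capability above, hidden-process detection, rests on the point made earlier: a rootkit hides a process by tampering with the enumeration path the process list uses. As an added illustration (not Codewalker's code), the PowerShell below takes the process list from three independent paths and flags PIDs that one path reports and another does not. It assumes an elevated session and a PID upper bound of 65536.

```powershell
# Added example, not part of Codewalker: cross-view check for hidden processes.
# A PID that OpenProcess (or one enumeration) can see but another enumeration
# cannot has been hidden from that path, which is the signature of a rootkit.

Add-Type -Namespace Win32 -Name Native -MemberDefinition @'
[DllImport("kernel32.dll", SetLastError = true)]
public static extern IntPtr OpenProcess(uint access, bool inherit, uint pid);
[DllImport("kernel32.dll", SetLastError = true)]
public static extern bool CloseHandle(IntPtr handle);
'@

function Get-ProcessCrossView {
    param([int]$MaxPid = 65536)   # assumption: probe PIDs below this bound

    # View A: Get-Process (the usual process-list enumeration)
    $viewA = @{}
    Get-Process | ForEach-Object { $viewA[$_.Id] = $_.ProcessName }

    # View B: WMI/CIM Win32_Process, a separate provider path
    $viewB = @{}
    Get-CimInstance Win32_Process | ForEach-Object { $viewB[[int]$_.ProcessId] = $_.Name }

    # View C: brute-force OpenProcess on every candidate PID (PIDs are multiples of 4).
    # This needs no enumeration at all, so hiding from a list does not hide from it.
    $PROCESS_QUERY_LIMITED_INFORMATION = 0x1000
    $viewC = @{}
    for ($p = 4; $p -lt $MaxPid; $p += 4) {
        $h = [Win32.Native]::OpenProcess($PROCESS_QUERY_LIMITED_INFORMATION, $false, $p)
        if ($h -ne [IntPtr]::Zero) {
            $viewC[$p] = $true
            [void][Win32.Native]::CloseHandle($h)
        }
    }

    # Flag a PID only when an enumeration view (A or B) misses it while another
    # view sees it; a PID missing only from C is usually just access denied.
    $all = @($viewA.Keys) + @($viewB.Keys) + @($viewC.Keys) | Sort-Object -Unique
    foreach ($p in $all) {
        $inA = $viewA.ContainsKey($p); $inB = $viewB.ContainsKey($p); $inC = $viewC.ContainsKey($p)
        if ((-not $inA -and ($inB -or $inC)) -or (-not $inB -and ($inA -or $inC))) {
            [pscustomobject]@{ PID = $p; GetProcess = $inA; WMI = $inB; OpenProcess = $inC }
        }
    }
}

Get-ProcessCrossView | Format-Table -AutoSize
```

Processes that start or exit between the three snapshots show up as one-off discrepancies, so repeat the run and treat only PIDs flagged consistently as worth investigating.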

The little bit of effort needed to get the results is well worth the general peace of mind, in my opinion.