Security → Re: Possible rootkit?

That's a crappy rootkit, using dirty tricks.

I suggest you go read up about Rustock.B variant.

Its crappy because it shows your earlier comment ill-informed?

Aren't you familiar with the "incovenient truth" theory?
If the truth goes aginst what you just say then debunk it, call it names and then twist it to your favour.

So his example is, in your opinion, a "crappy rootkit". And?

It still is an example of the point he was making. Or are we only talking about "non crappy rootkits"?

Anyway, arguing over crappy vs non crappy rootkits doesn't help the OP. He still needs to investigate further using more tools and possibly posting in the Cleanup forum.

I suggested a GMER scan. It's more thorough than AntiVir AV's built in antirootkit module.

I also said your average usermode rootkit isn't that complex, but he went out of his way to post about the most obnoxious usermode rootkit he could find. I suggested one of my favorite kernel mode examples.

Regardless, I still think he's very ill-informed and that rootkits aren't his place.

No. I have more obnoxious userland rootkit examples. I posted about one of the ones most prevelant at the moment.
In any case, your earlier comment was OT as far as I am concerned. as La Luna reminded, the issue is helping the OP, not guesses as to how informed Bill Castner is about rootkits.

I have yet to see anything you have posted that is either helpful to the OP or any proof of any of bcastner 's information being erroneous.

I'd also be interested in how one becomes the authority to determine what Bill's "place" is. The hey mod button is yours to use if you feel he's out of his "place".

To the OP,

I concur that going to the cleanup forum and going through the process will yield you more thorough and accurate analysis and resolution of any problems or false positives that may be uncovered. I suspect that bcastner will be there to help