Hi all,
Just found a rootkit that Spybot was unable to find. Ended up having to use SysInternals RootKit Revealer and boot into BartPE to remove it.
Attached is the files and the RootKitReveal log that shows which reg keys it generates.
Hope thats all thats needed to get it into the detection lists
Sorry, forgot to mention what it actually does.
- Blocks WindowsUpdate website
- Blocks most security vendor websites
- Link redirections