A forum for reverse engineering, OS internals and malware analysis 

Forum for discussion about user-mode development.
 #18433  by pipedev
 Tue Mar 05, 2013 11:14 pm
EP_X0FF, thanks very much.

I have been looking for code like that for a while -- very impressive code and works quite well, will keep me busy for a while.

Don't know if I should ask here or make another question, but do you know of an available process- and/or file-hiding Ring 0 rootkit that can defeat IceSword?
 #18435  by EP_X0FF
 Wed Mar 06, 2013 2:15 am
pipedev wrote: Don't know if I should ask here or make another question, but do you know of an available process- and/or file-hiding Ring 0 rootkit that can defeat IceSword?
IceSword was outdated even in 2007. Take any ZeroAccess or TDL; they will completely bypass this Chinese BSOD generator.