From the F-Secure blog, Sometimes a support issue can lead to the detection of malware. As an example, this case of a blue screen error points to a rootkit as its cause.
Thu, Apr 27 2006 8:13
Sometimes Those Error Messages Actually Mean Something
Removing spyware from a computer is becoming an increasingly difficult task. Look2Me,
a displayer of pop-up advertisements, is a good example of a persistent
malware application that just won't go away. It uses some interesting
techniques to remain installed.
into the winlogon process as a notification package. If the user tries
to unregister the notification package, it is immediately reinstated.
Look2Me also removes the administrator group's debug privileges and
thereby disables the user from interfering. This, along with some other
tricks, makes manual removal close to impossible.
Filed under: News