So why aren't we seeing AT developers like DCS and Mischel offering detection tools similar to that knlps (or whatever) and perhaps RegDatXP? Anyone with basic understanding of Windows can detect a regular trojan no matter how patched it is by its autostarts and running process(es), but rootkits and dll trojans are another affair entirely. What am I missing here? And why can't the url for knlps simply be posted here, if it is an entirely legitimate utility? Why the secrecy?