Hello, I tried to post to Spy's thread on rootkits in another forum, but evidently forgot to his "submit." Hoping this post is in the rigth forum now. At any rate, I've become interested in rootkits and have installled TaskInfo2003. It's an excellent program. At http://scheinsicherheit.funpic.de/rootkits.htm You can see the gui and where to look to see if you have any rootkits in the driver folder. On my machine I found 3 suspicious files: BANTExt.sys (96 bytes) dump_atapi.sys (0 bytes) dump_WMILIB.sys (0 bytes) Out of all the many driver files shown by TaskInfo, these are the only ones which have no version and no description listed(only exception is proc guard, which is of course trusted). They are also the only 0-byte files(again, with the exception of proc guard). So, I'm not sure about this. Are these files okay, or are they possible rootkits? Can anyone shed some light on this? By the way, check out rootkit.com to get an idea how insidious rootkits are!