Welcome Guest ( Log In | Click here to Register a free account now! )
Welcome to Bleeping Computer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.![]() ![]() |
Aug 26 2005, 04:06 PM
Post
#1
|
|
![]() Security Reporter ![]() ![]() ![]() ![]() Group: Members Posts: 509 Joined: 10-April 04 From: Roanoke, Virginia Member No.: 107 |
The Internet Storm Center (ISC) is offering a free Registry Search Tool. This neat new tool will locate the registry key values greater than 255 characters in length. Windows Registry - Nasty Games of Hide & Seek http://isc.sans.org/diary.php?date=2005-08-24 http://isc.sans.org/diary.php?date=2005-08-25 ISC Registry Search tool -- locates long key values http://isc.sans.org/LVNSearch.exe QUOTE We have started to see some possible reports of malware which utilizes this concealment technique in the wild. Products that have been reported to be able to query/report/delete/etc these keys:
AppSense Environment Manager HiJackThis v1.99.1 (SCAN function) HiJackThis v1.99.2 (in development) Stillsecure SafeAccess Sysinternals Autoruns (mixed reports) Regedt32 (Win2k) -------------------- |
|
|
|
![]() ![]() |
| Lo-Fi Version | Time is now: 21st November 2009 - 09:17 PM |