Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Rootkit Revealer Found Something.


  • Please log in to reply
3 replies to this topic

#1 joe blow

joe blow

  • Members
  • 78 posts
  • OFFLINE
  •  
  • Local time:08:25 AM

Posted 12 June 2007 - 02:27 AM

Hi,

I ran rootkitrevealer and it found this.

HKLM\SECURITY\Policy\Secrets\SAC* 5/31/2007 5:55 PM 0 bytes Key name contains embedded nulls (*)
HKLM\SECURITY\Policy\Secrets\SAI* 5/31/2007 5:55 PM 0 bytes Key name contains embedded nulls (*)


The problem is I don't know what it means or even if it is someting to be concerned about. I hope someone can tell me what the report means.

I also ran the AVG rootkit detector and it gave me the all clear.

Spyare and antivirus scans find nothing.

Thanks if anyone can help.

BC AdBot (Login to Remove)

 


#2 DaveM59

DaveM59

    Bleepin' Grandpa


  • Members
  • 1,355 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:TN USA
  • Local time:07:25 AM

Posted 12 June 2007 - 06:04 PM

Hi Joe Blow,

Those lines mean exactly what they say. Embedded nulls make a registry key name hard to read, but they don't necessarily mean the entries refer to a rootkit.

See this webpage:

http://forum.sysinternals.com/forum_posts.asp?TID=8881

Dave

#3 joe blow

joe blow
  • Topic Starter

  • Members
  • 78 posts
  • OFFLINE
  •  
  • Local time:08:25 AM

Posted 13 June 2007 - 01:16 AM

Thanks.

#4 DaveM59

DaveM59

    Bleepin' Grandpa


  • Members
  • 1,355 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:TN USA
  • Local time:07:25 AM

Posted 13 June 2007 - 07:56 AM

You're welcome. :thumbsup:




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users