Jump to content

Rootkit Revealer, 2 new items.

Recommended Posts

Ran the latest version of rootkit revealer and these 2 entries showed up. Ran after updating XP today with the latest MS fixes. Do they belong to rootkit revealer. or to MS? I have ran RKR on 3 computers and this shows up on 2 of them. One is an Intel, dual processor and the other is an AMD Athlon 2000. They did not show under the previous version of RKR, so I don'y know if they have been there all along or if the new version checks deeper. Anyone else ran into this?

HKLM\Security\Policy\Secrets\SAC* Key name contains embedded nulls

HKLM\Security\Policy\Secrets\SAI* Key name contains embedded nulls


Link to comment
Share on other sites

  • 4 months later...
  • Administrator

A rootkit is a general description of a set of programs which work to subvert control of an operating system from its legitimate operators. Usually, a rootkit will obscure its installation and attempt to prevent its removal through a subversion of standard system security. Techniques used to accomplish this can include concealing running processes, files or system data from the operating system. Rootkits have their origin in benign applications, but in recent years have been used increasingly by malware to help intruders maintain access to systems while avoiding detection. Rootkits exist for a variety of operating systems, such as Microsoft Windows, Mac OS X , Linux and Solaris. Rootkits often modify parts of the operating system or install themselves as drivers or kernel modules.

Source: Rootkit - Wikipedia

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Create New...