Harry Posted July 14, 2007 Share Posted July 14, 2007 Ran the latest version of rootkit revealer and these 2 entries showed up. Ran after updating XP today with the latest MS fixes. Do they belong to rootkit revealer. or to MS? I have ran RKR on 3 computers and this shows up on 2 of them. One is an Intel, dual processor and the other is an AMD Athlon 2000. They did not show under the previous version of RKR, so I don'y know if they have been there all along or if the new version checks deeper. Anyone else ran into this? HKLM\Security\Policy\Secrets\SAC* Key name contains embedded nulls HKLM\Security\Policy\Secrets\SAI* Key name contains embedded nulls Harry Quote Link to comment Share on other sites More sharing options...
Administrator Tarun Posted July 14, 2007 Administrator Share Posted July 14, 2007 They're nothing to worry about. The new version simply changed how Rootkit Revealer performs the scanning process. :hello: Quote Link to comment Share on other sites More sharing options...
Photogrrlz Posted November 15, 2007 Share Posted November 15, 2007 Okay I have a dumb question since I seen it on the combofix... what is a rootkit? also I guess that is the catchme program off of combofix? I read that it was because of a rootkit that the system32 folder was deleted Quote Link to comment Share on other sites More sharing options...
Administrator Tarun Posted November 15, 2007 Administrator Share Posted November 15, 2007 A rootkit is a general description of a set of programs which work to subvert control of an operating system from its legitimate operators. Usually, a rootkit will obscure its installation and attempt to prevent its removal through a subversion of standard system security. Techniques used to accomplish this can include concealing running processes, files or system data from the operating system. Rootkits have their origin in benign applications, but in recent years have been used increasingly by malware to help intruders maintain access to systems while avoiding detection. Rootkits exist for a variety of operating systems, such as Microsoft Windows, Mac OS X , Linux and Solaris. Rootkits often modify parts of the operating system or install themselves as drivers or kernel modules. Source: Rootkit - Wikipedia Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.