Avast WEBforum
Other => General Topics => Topic started by: Happy-Dude on February 10, 2007, 12:40:16 AM
-
Heya guys :) !! Just wondering, I'm installing Process Explorer and Rootkit Revealer onto my PC and I'm wondering if there's anything I should know. I'm pretty confident about Process Explorer and its functionality, but I'm more concerned about Rootkit Revealer.
Any heads up before I install the two? All info is appreciated :) !!
-
**Correction: Sysinternals Utilities.**
Also, Rootkit Revealer found these registry values (can't really copy and paste):
Path: HKLM/SECURITY/Policy/Secrets/SAC* Timestamp: 10/14/04 6:51 PM Size: 0 bytes Description: Key contains embedded nulls (*)
Path: HKLM/SECURITY/Policy/Secrets/SAI* Timestamp: 10/14/04 6:51 PM Size: 0 bytes Description: Key contains embedded nulls (*)
Path: HKLM/SOFTWARE/Microsoft/Cryptography/RNG/Seed Timestamp: 2/9/2007 7:39 PM Size: 80 bytes Description: Data mismatch between Windows API and raw hive data
Path: HKLM/SOFTWARE/Novatix/Cyberhawk/ProcessCount Timestamp: 7:39 PM Size: 4 bytes Description: Data mismatch between Windows API and raw hive data
I'm wondering if they are anything to worry about ... I'm familiar with Microsoft things (kinda) and Novatix Cyberhawk. Also, it said cmd.exe (which I believe is a COMODO Firewall process) prevented the scan from completing. That's all I can give right now. Thanks for the info !!
-
Rootkit Revealer in the hands of someone who doesn't fully understand the information it returns (why something is in that area of the registry and why it might be hidden) is nothing short of dangerous. It is very like HiJackThis: it just produces raw data, which has to be analysed by someone who would understand it.
I don't profess to fully understand it, but I don't believe there is anything there that I would attempt to remove.
Neither of the two actually requires installation as such; you just create a folder and unpack the zip file into it. They don't require any registry entries.
Process Explorer is good, as is its partner TCPView from the same author.