Security Basics mailing list archives

RE: Null Terminated Strings


From: "Prashant Meswani" <prashant.meswani () ukonline co uk>
Date: Mon, 27 Jun 2005 17:01:03 +0100

When it comes to rootkits, from what I understand, they would be next to
impossible to remove. The best solution would be to reinstall the OS from
scratch (including formatting the hard drive) as I am led to believe that
this is the only way to get rid of a rootkit.

Regards,

Prashant.

The opinions expressed in this email are my own and do not
represent those of any organisation or association to which I belong
unless stated otherwise.

-----Original Message-----
From: e_borgard () yahoo com [mailto:e_borgard () yahoo com] 
Sent: 26 June 2005 13:44
To: security-basics () securityfocus com
Subject: Null Terminated Strings

Recently, I downloaded and scanned my PC with RootkitRevealer from
Sysinternals.  It produced a hidden registry key in:
 HKLM\Software\Microsoft\Windows\CurrentVersion\Reinstall\

Should I be concerned that this is a rootkit?

What can I do to remove this registry entry if it is hidden from regedit?

Any advice would be helpful.

Sincerely,

Erick Borgard A+, CCNA


