Security Basics mailing list archives
Re: Null Terminated Strings
From: ChayoteMu <chayotemu () gmail com>
Date: Mon, 27 Jun 2005 16:14:27 -0700
I'm not sure if it'd work because I haven't tried it, but if you're feeling brave you could try to export the registry, then go through the export file and remove the key from there. Then import the fixed reg file. It sounds doable, but I don't know what the exported reg file looks like sp I don't know what's involved in all of that, but I'll give it a shot tonight. If anyone's done this (or tried or whatever) let me know. On 26 Jun 2005 12:44:19 -0000, e_borgard () yahoo com <e_borgard () yahoo com> wrote:
Recently, I downloaded and scanned my PC with Rootkit Reveler from Sysinternals. It produced a hidden registy key in: HKLM\Software\Microsoft\Windows\CurrentVersion\Reinstall\ Should I be concerned that this is a rootkit? What can I do to remove this registry entry if it is hidden from regedit? Any advice would be helpful. Sincerely, Erick Borgard A+, CCNA
-- "To catch a theif, think like a theif. To catch a master theif, be a master theif."
Current thread:
- Null Terminated Strings e_borgard (Jun 27)
- RE: Null Terminated Strings Prashant Meswani (Jun 27)
- Re: Null Terminated Strings ChayoteMu (Jun 28)
- Re: Null Terminated Strings Ansgar -59cobalt- Wiechers (Jun 29)