PDA

View Full Version : Zero Char in key name



View77
2009-02-14, 00:28
Two entries from a RootAlyzer scan have a zero character in key name. Both findings are under Local Machine_Security_Secrets and above and below one another. I cannot access their content which is where my question begins. If the entries do not open and are under the security heading what can the odds be of malware present.

PepiMK
2009-02-19, 12:42
Well, something is trying to hide something there.

Have you tried to double-click them? That should show a bit of content. Our Total Commander plugins (http://forums.spybot.info/downloads.php?id=3) for example do also allow browsing this hidden areas.

The odds, without knowing what's in there? Difficult to say. Such rootkit methods are sometimes used by legit software to hide registration information or other stuff as well, and the location might mean such a thing (at least I can't remember malware at that location from memory, but that does not have to say much).