
Thread: Here's a preview...

  1. #21
    Senior Member
    Join Date
    Oct 2005
    Location
    Potomac MD USA
    Posts
    119

    Default

    Hi,
    Thank you for the Root Alyzer.
    I did download it and execute it from the zip file on the desktop. How do I complete the installation in order to execute it in the future? I did not see it in the Spybot list of plugins.
    I did not find any problems with the quick scan. I got 36 entries like this one from the deep scan. They all dealt with System Certificates. There was no explanation:
    Key:"Hidden registry key","HKEY_LOCAL_MACHINE","\SOFTWARE\Policies\Microsoft\SystemCertificates\?????k\",""
    Thanks
    Frank C

  2. #22
    Senior Member dj.turkmaster's Avatar
    Join Date
    Feb 2007
    Location
    TURKEY/Ankara
    Posts
    139

    Default

    Can it remove the rootkits it has found?
    And btw I selected the deep scan and chose the c: drive to scan, but it doesn't start scanning; it says you didn't select any drives for scanning, and under it writes registry scanner starting.
    Last edited by dj.turkmaster; 2008-03-24 at 16:39.
    DOCTUS.ORG Turkish security forum

  3. #23
    Junior Member
    Join Date
    Mar 2008
    Location
    AZ, USA
    Posts
    3

    Default

    I've sent the email.

    Would you consider adding an option to select which registry hive to scan, like the file scanning, so not only is there precise control over individual hives, but also the ability to turn off registry scanning if needed.

  4. #24
    Junior Member
    Join Date
    Mar 2008
    Location
    Perth Australia
    Posts
    15

    Default Regalyzer

    Just downloaded and will be interested to see how it works. I have used Rootkit Revealer from Sysinternals, but was not able to interpret results. Being Microsoft they are bureaucratic and yet to respond to my forum registration, after 5 days!
    Be curious to know the registry cleaner Robo had a problem with, as I think my recent troubles began with a trusted registry cleaner.

  5. #25
    Junior Member
    Join Date
    Mar 2008
    Posts
    2

    Default

    Quote Originally Posted by Russell C View Post
    Be curious to know the registry cleaner Robo had a problem with as I think my recent troubles began with a trusted registry cleaner
    The registry cleaner I guess that was the reason of my problems was RegSeeker 1.51.

    cu, Robo

  6. #26
    Member of Team Spybot PepiMK's Avatar
    Join Date
    Oct 2005
    Location
    Planet Earth
    Posts
    3,571

    Default

    Just to keep everyone up-to-date, I think I've finally been able to reproduce the problems for example ddcc_7 reported - on Windows 2000 (the same registry keys do not cause any trouble on XP), and fixed them.
    It was kind of similar to the problem with detecting registry keys: in rare cases, RegQueryInfoKey returns "0" as the maximum length for the name of any values inside a key (lpcMaxValueNameLen). While I see this as a possible trouble cause, since even regedit is able to ignore it, it shouldn't be mentioned here though.

    I've also added that missing feature request to the bugtracker:
    Select list of reg hives to scan

    As for interpreting the results, only 0.1.3 will start having the "Details" column filled, and then we will have to add a helpfile providing more details on what these short "details" mean.
    Just remember, love is life, and hate is living death.
    Treat your life for what it's worth, and live for every breath
    (Black Sabbath: A National Acrobat)
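
The failure mode described in post #26, as an added example that is not part of the original thread and is not RootAlyzer's code: an enumeration loop that sizes its name buffer from a reported maximum of 0 sees no values, while one that treats the maximum only as a starting size and grows the buffer sees all of them. `enum_fn` and `sample_enum` are hypothetical stand-ins that follow RegEnumValue's name-buffer contract so the logic runs without a registry; the value names are constructed sample data.

```c
#include <stdlib.h>
#include <string.h>
/* Status values equal to Win32 ERROR_SUCCESS, ERROR_MORE_DATA, ERROR_NO_MORE_ITEMS. */
enum { ST_OK = 0, ST_MORE_DATA = 234, ST_NO_MORE_ITEMS = 259 };
#define MAX_VALUE_NAME 16384u  /* documented limit of 16,383 chars plus NUL */

/* Hypothetical stand-in with RegEnumValue's name-buffer contract: *len is the
   capacity on input and the stored length (without NUL) on success. */
typedef int (*enum_fn)(unsigned index, char *buf, unsigned *len);

/* Constructed sample key whose reported maximum name length will be 0. */
static const char *sample_names[] = { "Blob", "AuthRoot", "CertificateStoreName" };

int sample_enum(unsigned index, char *buf, unsigned *len) {
    if (index >= 3) return ST_NO_MORE_ITEMS;
    size_t need = strlen(sample_names[index]) + 1;
    if (*len < need) return ST_MORE_DATA;
    memcpy(buf, sample_names[index], need);
    *len = (unsigned)(need - 1);
    return ST_OK;
}

/* Fragile: sizes the buffer from the hint and ends on any non-success status. */
int count_values_trusting_hint(enum_fn fn, unsigned max_name_hint) {
    unsigned cap = max_name_hint + 1, len = cap, i = 0;
    char *buf = malloc(cap);
    while (buf && fn(i, buf, &len) == ST_OK) { i++; len = cap; }
    free(buf);
    return (int)i;
}

/* Robust: the hint is only a starting size; grow and retry on ST_MORE_DATA. */
int count_values_robust(enum_fn fn, unsigned max_name_hint) {
    unsigned cap = max_name_hint < MAX_VALUE_NAME ? max_name_hint + 1 : MAX_VALUE_NAME;
    unsigned i = 0;
    char *buf = malloc(cap), *tmp;
    int count = 0, st = -1;
    while (buf) {
        unsigned len = cap;
        st = fn(i, buf, &len);
        if (st == ST_OK) { count++; i++; continue; }
        if (st != ST_MORE_DATA || cap >= MAX_VALUE_NAME) break;
        cap = cap * 2 > MAX_VALUE_NAME ? MAX_VALUE_NAME : cap * 2;
        tmp = realloc(buf, cap);
        if (!tmp) { st = -1; break; }
        buf = tmp;
    }
    free(buf);
    return st == ST_NO_MORE_ITEMS ? count : -1;  /* -1: enumeration did not finish cleanly */
}
```

On Windows the same loop applies with RegEnumValue in place of `sample_enum`; returning -1 instead of a partial count keeps a scanner from reporting a key as empty when enumeration was cut short.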

  7. #27
    Junior Member
    Join Date
    Apr 2008
    Posts
    2

    Default And then...

    Hi there,

    Nice tool!

    I've been attempting to remove a very persistent piece of spyware, and I've used every piece of ammo I've got and can't get rid of it.

    I've stumbled across this tool in my attempts.

    I've got a hidden file: c:\windows\system32\drivers\sajp38.sys.

    What do we do from here? I can't find it in Windows Explorer... Nothing shows up in Google about it...

    It'd be handy to see the Date Modified properties, and other file properties for the file. At least we'd then have some idea if it is in fact a file that we need to concern ourselves with?

    Thanks!
    Max

  8. #28
    Member of Team Spybot PepiMK's Avatar
    Join Date
    Oct 2005
    Location
    Planet Earth
    Posts
    3,571

    Default

    The File Properties dialog for the file (where you found the timestamp information as well) should have that information and a Delete button in the lower right.
    It should show up by double-clicking a result in the list.

  9. #29
    Junior Member
    Join Date
    Mar 2008
    Posts
    4

    Smile Updating it...

    Will we always have to come back here to check for the latest version of RootAlyzer, or will you incorporate an update feature?
    Anyway, it's a great tool!

  10. #30
    Member of Team Spybot PepiMK's Avatar
    Join Date
    Oct 2005
    Location
    Planet Earth
    Posts
    3,571

    Default

    This tool is of course just an attempt to lure you back to the forums :D

    No, just kidding, you're absolutely right; our about dialog already has a very simple button to look whether new updates are available or not integrated (as seen in our Distributed Testing client), just not shown yet. Did enable it for the next version
