Spyware, Viruses, & Security forum

General discussion

RootkitRevealer -- What was it supposed to have done?

by lalaith1977 / August 31, 2008 1:37 PM PDT

I just downloaded and ran RootkitRevealer (from download.com). It scanned my PC (I use Windows XP SP2 Home Edition) and the last time I checked on it, it had found four things and was still scanning.

So I left it alone to scan. I come back to the PC and the scan (I assume) finished. But there are no scan results, the program's closed. There's just nothing.

I tried opening the documentation that also downloaded with it and all I get is a "Navigation to web page was canceled" message.

What was RootkitRevealer supposed to have done and what's the problem with it?

RootkitRevealer
by Marianna Schmudlach / August 31, 2008 3:00 PM PDT

RootkitRevealer is an advanced rootkit detection utility. It runs on Windows NT 4 and higher and its output lists Registry and file system API discrepancies that may indicate the presence of a user-mode or kernel-mode rootkit. RootkitRevealer successfully detects many persistent rootkits including AFX, Vanquish and HackerDefender (note: RootkitRevealer is not intended to detect rootkits like Fu that don't attempt to hide their files or registry keys). If you use it to identify the presence of a rootkit please let us know!

Read more: http://technet.microsoft.com/en-us/sysinternals/bb897445.aspx

Why did the discrepancy list disappear?
by lalaith1977 / September 1, 2008 3:40 AM PDT
In reply to: RootkitRevealer

Based on that link it sounds like it was supposed to have displayed a list of discrepancies when it finished the scan. It was building the list as it was scanning (as I saw four items). So why did everything just disappear when the scan was (presumably) finished as there was no information when I checked the computer again?

Did you run RootkitRevealer as stated here........
by Marianna Schmudlach / September 1, 2008 6:45 AM PDT
Using RootkitRevealer

RootkitRevealer requires that the account from which it is run has assigned to it the Backup files and directories, Load drivers and Perform volume maintenance tasks (on Windows XP and higher) privileges. The Administrators group is assigned these privileges by default. In order to minimize false positives, run RootkitRevealer on an idle system.

For best results exit all applications and keep the system otherwise idle during the RootkitRevealer scanning process.

I would suggest visiting the Sysinternals RootkitRevealer Forum.
Very important
by Tarq57 / August 31, 2008 8:21 PM PDT

to NOT delete everything found with RootkitRevealer. (You can also ask about found items at the Sysinternals forum.) There are some known FPs with some results. You can damage your system by using it without knowing what you're doing.

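An added illustration (not part of the thread and not Sysinternals code) of the kind of comparison behind a discrepancy list: entries present in a raw listing but absent from the API listing are reported, and those created while the scan was running are separated out, which is why an idle system gives fewer false positives and why a listed item is not automatically malicious. The `RawEntry` type, the creation-time heuristic and all sample paths are constructed for this sketch.

```python
"""Cross-view comparison sketch: high-level API listing vs. raw on-disk listing."""
from dataclasses import dataclass


@dataclass(frozen=True)
class RawEntry:
    path: str
    created: int  # seconds relative to scan start; negative = existed before the scan


def normalize(path: str) -> str:
    # Windows paths are normally case-insensitive, so compare them case-folded.
    return path.replace("/", "\\").rstrip("\\").casefold()


def cross_view_diff(api_paths, raw_entries):
    """Return (suspicious, likely_churn): raw paths that the API view does not show."""
    api = {normalize(p) for p in api_paths}
    suspicious, churn = [], []
    for entry in raw_entries:
        if normalize(entry.path) in api:
            continue  # both views agree, nothing to report
        # Assumption for this sketch: an entry created after the scan began is
        # ordinary system activity rather than something hidden from the API.
        (churn if entry.created >= 0 else suspicious).append(entry.path)
    return sorted(suspicious), sorted(churn)


# Constructed sample data, not output from a real scan.
API_VIEW = [r"C:\Windows\system32\drivers\disk.sys", r"C:\WINDOWS\Temp"]
RAW_VIEW = [
    RawEntry(r"C:\Windows\System32\drivers\disk.sys", -9000),
    RawEntry(r"C:\Windows\Temp", -9000),
    RawEntry(r"C:\Windows\system32\drivers\hidden_example.sys", -500),
    RawEntry(r"C:\Windows\Temp\av_update_0001.tmp", 42),
]

if __name__ == "__main__":
    sus, churn = cross_view_diff(API_VIEW, RAW_VIEW)
    print("missing from API view, predates scan:", sus)
    print("missing from API view, created during scan:", churn)
```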