Posted by TQN, 07-01-2005, 09:56
We can use RootkitRevealer (SysInternals) to find those keys in our registry. On my machine, I have three keys:
HKLM\SOFTWARE\Classes\CLSID\{05F7676A-ABD2-42e5-8107-8B00E139D339}\InprocServer32* 04/07/2004 11:51 PM 0 bytes Key name contains embedded nulls (*)
HKLM\SOFTWARE\FMS\Total .NET SourceBook\1.1\Lic* 29/06/2004 9:15 PM 0 bytes Key name contains embedded nulls (*)
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ 12/11/2004 3:41 PM 0 bytes Key name contains embedded nulls (*)
HKLM\SOFTWARE\ZipWORX\ZipWorx SecureEXE RunTime* 30/06/2005 6:11 PM 0 bytes Key name contains embedded nulls (*)
The last key was created by test.exe of TheBoss.
I will code a prog to view and delete those keys.
Regards,
TQN
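The "Key name contains embedded nulls" check from the listing above, as an added example that is not part of the original post and not RootkitRevealer's own code. It assumes records in the `KEY_BASIC_INFORMATION` layout that the native `NtEnumerateKey` call returns; the function names `check_key_name` and `make_record` are hypothetical, and the sample name is constructed, modelled on the `Lic*` entry with `*` standing for the NUL.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* KEY_BASIC_INFORMATION as NtEnumerateKey returns it, by byte offset:
 * 0 LastWriteTime (8), 8 TitleIndex (4), 12 NameLength (4, in BYTES),
 * 16 Name (UTF-16LE, counted, no terminator, so it may hold 0x0000). */
#define NAME_LENGTH_OFF 12
#define NAME_OFF        16

/* Returns -1 if the record is malformed, 0 if the name is clean, 1 if it
 * has an embedded NUL. *total = real length in UTF-16 units; *visible =
 * units a NUL-terminated reader (Win32 API, RegEdit) sees before stopping. */
int check_key_name(const uint8_t *rec, size_t rec_len,
                   size_t *total, size_t *visible)
{
    if (rec_len < NAME_OFF) return -1;
    const uint8_t *p = rec + NAME_LENGTH_OFF;
    uint32_t name_bytes = (uint32_t)p[0] | (uint32_t)p[1] << 8 |
                          (uint32_t)p[2] << 16 | (uint32_t)p[3] << 24;
    if (name_bytes % 2 != 0 || name_bytes > rec_len - NAME_OFF) return -1;
    *total = *visible = name_bytes / 2;
    for (size_t i = 0; i < *total; i++) {
        const uint8_t *u = rec + NAME_OFF + 2 * i;
        if (u[0] == 0 && u[1] == 0) { *visible = i; return 1; }
    }
    return 0;
}

/* Builds a constructed sample record from an n-byte ASCII name (embedded
 * '\0' allowed). Returns the record size, or 0 if it does not fit. */
size_t make_record(uint8_t *out, size_t cap, const char *name, size_t n)
{
    size_t need = NAME_OFF + 2 * n;
    if (need > cap) return 0;
    memset(out, 0, need);
    for (int i = 0; i < 4; i++)
        out[NAME_LENGTH_OFF + i] = (uint8_t)((2 * n) >> (8 * i));
    for (size_t i = 0; i < n; i++) out[NAME_OFF + 2 * i] = (uint8_t)name[i];
    return need;
}

int main(void)
{
    uint8_t rec[64]; size_t total, visible;
    size_t len = make_record(rec, sizeof rec, "Lic\0", 4); /* constructed */
    int hidden = check_key_name(rec, len, &total, &visible);
    printf("embedded_nul=%d total=%zu visible=%zu\n", hidden, total, visible);
    return 0;
}
```

A gap between `total` and `visible` is the mismatch between the counted name the native API stores and the NUL-terminated name the Win32 API can address.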