Installing some Windows Internals Utlities, anything I should know?

Heya guys !! Just wondering, I'm stalling Process Explorer and Rootkit Revealer onto my PC and I'm wondering if there's anything I should know. I'm pretty confident about Process Explorer and it's functionality, but I'm more concerned on Rootkit Revealer.

Any heads up before I install the two ? All info are appreciated !!

 

**Correction: Sysinternals Utilities.**

Also, Rootkit Revealer found these registry values (can't really copy and paste):

Path: HKLM/SECURITY/Policy/Secrets/SAC* Timestamp: 10/14/04 6:51 PM Size: 0 bytes Description: Key contains embedded nulls (*)

Path: HKLM/SECURITY/Policy/Secrets/SAI* Timestamp: 10/14/04 6:51 PM Size: 0 bytes Description: Key contains embedded nulls (*)

Path: HKLM/SOFTWARE/Microsoft/Cryptography/RNG/Seed Timestamp: 2/9/2007 7:39 PM Size: 80 bytes Description: Data mismatch between Windows API and raw hive data

Path: HKLM/SOFTWARE/Novatix/Cyberhawk/ProcessCount Timestamp: 7:39 PM Size: 4 bytes Description: Data mismatch between Windows API and raw hive data

I'm wondering if they are anything to worry about ... I'm familiar with Microsoft things (kinda) and Novatix Cyberhawk. Also, it said cmd.exe (which I believe is a COMODO Firewall process) prevented the scan from completing. Thats all I can give right now. Thanks the for info !!

 

cmd is part of windows:

http://www.liutilities.com/products/wintaskspro/processlibrary/cmd/

Comodo's processes are cpf.exe (GUI) and cmdagent.exe (Comodo Agent Service).

 

Of course, cmd.exe is in C:\Windows\system32 . Worth checking

 

Nothing to worry about, and no rootkit, all false positives.


StevieO

 

I'm kind of surprised, I would have thought UniBlue to know better than that. DOS is an operating system, "Direct Operating System". The command line console is neither "direct" nor an operating system. Not even cmd.exe can directly access the hardware the way DOS does. I can understand how a user might make that mistake, but UniBlue?

 

Notok, it's probably because it serves the purpose. Look, it's just like DOS!
I didn't even read it, i just trust that site to provide accurate definitions, as in better than me... Sorry for the imprecision

 

Just shut everything down before running RR.

Direct Operating System?

 

Disk Operating System

 

Yeah Disk, just wondered where Notok got it from, never heard it called Direct Operating System, seen Dirty as in QDOS...Quick & Dirty.