Discussion in 'other security issues & news' started by WilliamP, Nov 2, 2005.
I downloaded and ran Rootkit Revealer and I got this. Now what ?
The RK Revealer Forum might be helpful http://www.sysinternals.com/Forum/forum_topics.asp?FID=15
Well, we can't really see the Path information, but it looks like nothing to worry about really. The bottom 2 entries appear to refer to the same file, but one that probably was modified during the scanning process. Rootkit Revealer scans the filesystem 2 different ways: one through the normal Windows API and the other through a lower-level access mechanism that avoids normal API calls. It then compares the results of the two scans and notes the discrepancies. Therefore if one of the files were to change between the two scans, then it would be noted as a discrepancy even though it may be the result of some harmless process. The file that appears to have changed seems to be in the C:\Windows\Internet Logs path and so is probably just the result of an automated log update.
I have posted in the Rootkit Revealer forum. Hopefully I can find out something.
Separate names with a comma.