Oh, i wasn't aware that RR had dated so. So which root-kit scanner is the suggested one to use now then ? as most of the programs in that link don't primarily focus on root-kits. Also i have nearly all those suggested free programs, and have also used all the those free online scanners, which are quite good i might add, but anyway, that's just the problem, all these various scanning programs i have used all either come back clean, or come up with results that i have already identified, either via asking a friend/google search/or scanning it with taskmon, which has a vast library of intel on various threats. However RootkitReveler was the only program that i had/was aware of that primarily focused on root kits, and it was also the only one off all the lot to find that inprocserver thingy, which i still haven't been able to identify, well actually i have identified numerous instances where other worms/trojan/ad-ware threats might modify that particular reg key, but i have eliminated all them buy various means of symptom analysis and change events that occur with each type of infection, but their are plenty of reg key variations related to "InProcServer32*" that their could be that i just haven't been able to find. In fact, all the instance's i found didn't match my result "HKLM\SOFTWARE\Classes\CLSID\{2216D9DB-920A-B7BB-D8AF-09633D5A378D}\InProcServer32*" And the same applies to securom, all tho it is identified as a cd copy/crack protection solution, but there are alot of threads around about it being something that you might want to remove anyway tho, unfortunately they all contradict each other so im still in the dark as to werther my particular result "HKLM\S-1-5-21-2165517387-2781504589-1887795725-1006\Software\SecuROM\!CAUTION! NEVER DELETE OR CHANGE ANY KEY*" warrants removal lol.
Reply With Quote