"Nick Skrepetos" <nskrepetos@yahoo.com> wrote in
news:1167240452.792680.242160@f1g2000cwa.googlegro ups.com:

>
> Slarty wrote:
>> On Wed, 27 Dec 2006 12:36:20 GMT, Han wrote:
>>
>> > Just for the heck of it I downloaded and ran Rootkitrevealer from
>> > Sysinternals/Microsoft. Of course I did stupid and deleted a file
>> > while it was running so that's a loose alarm for sure, but what was
>> > the stuff referencing a single ID-like number:
>> > B135B566-11BB-4C76-A0D8-40088C051376?
>> >
>> > Those things disappeared when I re-ran Rootkitrevealer, but these
>> > remained:
>> >
>> > HKLM\SECURITY\Policy\Secrets\SAC* 9/17/2006 8:57 PM 0 bytes
>> > Key name contains embedded nulls (*)
>> >
>> > HKLM\SECURITY\Policy\Secrets\SAI* 9/17/2006 8:57 PM 0 bytes
>> > Key name contains embedded nulls (*)
>> >
>> > Can anyone tell me what this is supposed to mean?
>>
>> Download and run RegDelNull from the same place. That'll remove them,
>> just read the instructions on the download page first.
>>
>> Cheers,
>>
>> Roy
>
> I would be careful about deleting those keys without research into
> their actual function. I.E. Quick google search....
>
> http://www.google.com/search?hl=en&q...licy%5CSecrets
> %5CSAC&btnG=Google+Search
>
> Nick Skrepetos
> SUPERAntiSpyware.com
> http://www.superantispyware.com
>
Thanks, Nick and Roy. As long as I don't know what the prupose of the
keys is, I'll let them live.

I was paranoid when I saw a removable drive on my system in drive manager
that I couldn't place. Turns out, it's the USB interface on my Canon
printer <duh>. When I ran Rootkitrevealer, I was also folling with some
files that I didn't need anymore, so that Sysinternals program got
confused. As usual, PEBCAK ...

--
Best regards
Han
email address is invalid