That's odd - I believe Daemon tools still employs that technology (though I haven't checked in a while) and I would expect that to show in a rootkit scan.Originally Posted by ALL THUMBS
Rootkit Revealer would probably show it.
http://technet.microsoft.com/en-us/s.../bb897445.aspx
I can't imagine there are "whitelists" for these.... LOL!
I suppose we could try to delete that vchost.exe with a tool such as swandog46's Avenger, but I'd be more comfortable locating it and IDing it first to get an idea of what it is. Are you able to use regedit to export this key?
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components]
Or, you could do this:
Download the attached peek.bat to the desktop.
DoubleClick it and submit the log that pops up for me.
I don't know if it will tell any more than ComboFix, but worth a shot.
-- The rest of the logs look OK. The MVPs Hosts file ought to help keep the baddies at bay.
Cheers
PP
Reply With Quote