Home
Topics
Microsoft Windows desktop operating systems security management
Endpoint security management tools
Detecting and removing rootkits in Windows

Detecting and removing rootkits in Windows

I read through Kurt Dillard's "Prevention Guide: Detecting and removing rootkits in Windows." On one of my PCs, I found rootkits with Sysinternals RootkitRevealer. I found no other rootkits on any other PCs even though an extensive number of software packages are installed. By doing a file search for date and time, I determined these were installed during the installation of Pinnacle Studio 9. Pinnacle tech support said these are not spyware and are needed for Studio to work. However, they are not removed during uninstall and I am not confident that Pinnacle understood my questions, nor rootkits, nor gave a reliable evaluation. I need a second opinion.

Based on what I've seen, it's actually very common for many Windows applications to leave junk in the registry such as this. I'm not a developer, but I can't imagine why it would be considered good practice to clog up someone's registry with entries that are no longer needed. I would recommend running another rootkit remover or process explorer such as UnHackMe, Process Explorer or Vision to see if anything looks malicious. Otherwise, backup your registry and delete those entries if you're uncomfortable with them, or contact Pinnacle and ask to speak to a level 2 support person who can help you with those entries.

More News and Tutorials

Articles

Related glossary terms

Terms for Whatis.com - the technology online dictionary

This was first published in May 2005

Join the conversationComment

Share

Comments

Results

Contribute to the conversation

All fields are required. Comments will appear at the bottom of the article.

Back to top

More from Related TechTarget Sites

Virtual Desktop
Windows Server
Windows IT
Exchange

Virtual Desktop
- VDI thin clients reduce hardware management headaches
  
  The initial hope for VDI thin clients was to reduce costs, but admins now just want convenience. Vendors at Citrix Synergy delivered new options.
- Citrix simplifies VDI again with XenDesktop 7-XenApp combo
  
  Citrix VDI admins can deploy and manage XenDesktop and XenApp under the same architecture, something they expected for years.
- Citrix kills its Application Streaming feature, directs users to App-V
  
  Citrix has officially ceased development and support for its Application Streaming feature, and has directed IT pros to use Microsoft App-V instead.
Windows Server
- Microsoft delivers patch updates for Windows Server 2012, Windows 8
  
  Microsoft delivered two critical and eight important bulletins in May's Patch Tuesday release, fixing issues in Windows Server 2012 and Office apps.
- Windows Azure Active Directory steps out of the shadows
  
  As Windows Azure Active Directory moves into general availability, we look at how it can help admins manage user authentication in the cloud.
- Steps to read XML files with PowerShell
  
  Wondering how to get PowerShell to read XML files? Our expert explains a few methods you could use.
Windows IT
- How to advance your cloud skills and get ahead of the gap
  
  There may be a growing shortage of IT pros with cloud skills, but you can take action now and become a valuable asset with the right skills.
- Prepare for a SharePoint 2013 upgrade with five tips
  
  Considering an upgrade to SharePoint 2013? Find out the answers to the most common questions IT pros will ask before making the jump.
- Prioritize your IT tasks and finally conquer your to-do list
  
  It's easy to feel overwhelmed by a growing to-do list of IT tasks, but there are easy ways you can decide what to tackle first and what can wait.
Exchange
- Helpful OWA 2013 mobile device hints for administrators
  
  Supporting OWA 2013 on various mobile devices can prove a bit tricky. These important tips will make life easier for admins and users alike.
- Explaining cutover vs. staged Office 365 migrations
  
  Various options exist for companies planning Office 365 migrations. Cutover and staged migrations are possibilities, but what exactly do they entail?
- Dismounted Exchange 2010 database refuses to mount
  
  A frustrated admin wants to know how to remount his Exchange 2010 database after discovering event ID 5003. One of our experts offers proper guidance.

All Rights Reserved,Copyright 2008 - 2013, TechTarget