Ask the Expert

Detecting and removing rootkits in Windows

I read through Kurt Dillard's "Prevention Guide: Detecting and removing rootkits in Windows." On one of my PCs, I found rootkits with Sysinternals RootkitRevealer. I found no other rootkits on any other PCs even though an extensive number of software packages are installed. By doing a file search for date and time, I determined these were installed during the installation of Pinnacle Studio 9. Pinnacle tech support said these are not spyware and are needed for Studio to work. However, they are not removed during uninstall, and I am not confident that Pinnacle understood my questions or rootkits, or gave a reliable evaluation. I need a second opinion.

Based on what I've seen, it's actually very common for many Windows applications to leave junk in the registry such as this. I'm not a developer, but I can't imagine why it would be considered good practice to clog up someone's registry with entries that are no longer needed. I would recommend running another rootkit remover or process explorer such as UnHackMe, Process Explorer or Vision to see if anything looks malicious. Otherwise, back up your registry and delete those entries if you're uncomfortable with them, or contact Pinnacle and ask to speak to a level 2 support person who can help you with those entries.

This was first published in May 2005
