So I've been doing a lot of computer-paranoia type virus checking and maintenance lately (mainly because if my computer breaks or gets compromised, I'm SOL). Sorry if these redundant threads are against policy, but Google just isn't cutting it for a search on this. Mods, feel free to lock this thread if this thread isn't appropriate.
Long story short, I ran a rootkit revealer scan on my system, but am woefully uneducated about deciphering the results that I see after the scan. I'm hoping someone might be able to tell me whether or not these registry keys are legit - Some of them give me no hits in Google. Some of them do give me hits, but they're all in German. The first two ("Policy\Secrets\") seem to be Spybot entries, so I'm not too worried about them regardless of their suspicious name.
Since Rootkit revealer won't save output files for me for some reason, I've attached an image of the output (EDIT: image spoilered for silly H-scroll):
The first three entries were listed as "Key name contains embedded nulls". The next two were "Data mismatch between Windows API and raw hive data". The last one was listed as "Hidden from Windows API". Any help anyone could give identifying these keys would be much appreciated - And any help learning how to identify keys in general or deal with the rootkit revealer output would be great too.
Posts
Thanks, that was one of the more worrisome entries - But I do in fact have Daemon Tools installed on that machine. I remember reading about Daemon Tools using rootkits to actually execute its intended function, so I suppose it's no red flag on that entry.