1. Welcome Guest! In order to create a new topic or reply to an existing one, you must register first. It is easy and free. Click here to sign up now!.
    Dismiss Notice

Rootkit Revealer scan

Discussion in 'Microsoft Windows' started by chicchio, Oct 16, 2009.

  1. chicchio

    chicchio Guest

    Hello !
    I have Windows 2000 Pro SP4 on an old laptop, Pentium II 333 MHz.
    The PC seems OK, I have Symantec AV CE 10 and Kerio Personal Firewall, and I
    connct via a Netgear router with built-in firewall.
    I have made a scan with Rootkit Revealer on this system, and here are the
    results:

    HKU\S-1-5-21-2025429265-507921405-1060284298-500\RemoteAccess\InternetProfile
    27/05/2007 20.05 7 bytes Data mismatch between Windows API and raw hive data.
    HKLM\SECURITY\Policy\Secrets\SAC* 20/08/2005 10.53 0 bytes Key name contains
    embedded nulls (*)
    HKLM\SECURITY\Policy\Secrets\SAI* 20/08/2005 10.53 0 bytes Key name contains
    embedded nulls (*)
    HKLM\SECURITY\Policy\Secrets\XATM:fdc80c2e-bae9-4f31-ab80-f0a62c8cf4ef*
    20/08/2005 0.13 0 bytes Key name contains embedded nulls (*)
    HKLM\SYSTEM\ControlSet001\Services\d347prt\Cfg\0Jf40 11/01/2000 15.35 0
    bytes Hidden from Windows API.
    C:\Programmi\File comuni\Symantec Shared\VirusDefs\20090928.003\vscanmsx.dat
    02/10/2009 14.22 2.02 KB Hidden from Windows API.

    Can someone help me to understand these results ?
    Thanks, Enrico (Chicchio)
     
    chicchio, Oct 16, 2009
    #1
  3. Dave Patrick

    Dave Patrick Guest

    Try asking them here.





    --

    Regards,

    Dave Patrick ....Please no email replies - reply in newsgroup.
    Microsoft Certified Professional
    Microsoft MVP [Windows]



    "chicchio" wrote:<!--coloro:blue--><span style="color:blue <!--/coloro-->
    > Hello !
    > I have Windows 2000 Pro SP4 on an old laptop, Pentium II 333 MHz.
    > The PC seems OK, I have Symantec AV CE 10 and Kerio Personal Firewall, and
    > I
    > connct via a Netgear router with built-in firewall.
    > I have made a scan with Rootkit Revealer on this system, and here are the
    > results:
    >
    > HKUS-1-5-21-2025429265-507921405-1060284298-500RemoteAccessInternetProfile
    > 27/05/2007 20.05 7 bytes Data mismatch between Windows API and raw hive
    > data.
    > HKLMSECURITYPolicySecretsSAC* 20/08/2005 10.53 0 bytes Key name
    > contains
    > embedded nulls (*)
    > HKLMSECURITYPolicySecretsSAI* 20/08/2005 10.53 0 bytes Key name
    > contains
    > embedded nulls (*)
    > HKLMSECURITYPolicySecretsXATM:fdc80c2e-bae9-4f31-ab80-f0a62c8cf4ef*
    > 20/08/2005 0.13 0 bytes Key name contains embedded nulls (*)
    > HKLMSYSTEMControlSet001Servicesd347prtCfgJf40 11/01/2000 15.35 0
    > bytes Hidden from Windows API.
    > C:programmiFile comuniSymantec
    > SharedVirusDefs20090928.003vscanmsx.dat
    > 02/10/2009 14.22 2.02 KB Hidden from Windows API.
    >
    > Can someone help me to understand these results ?
    > Thanks, Enrico (Chicchio) <!--colorc--><!--/colorc-->
     
    Dave Patrick, Oct 17, 2009
    #2

Share This Page