problema rootkit chi mi da una mano?
Inviato: sab gen 14, 2006 12:38 amCiao a tuttti, ho sentito parlare in questi giorni dei rootkit e , se ben ho capito sono una specie di malware, ho installato rootkit revealer e mi ha segnalato questi dati, qualcuno mi da una mano?
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\System* 12/01/2006 0.26 0 bytes Key name contains embedded nulls (*)
HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\s0 12/01/2006 0.42 4 bytes Hidden from Windows API.
HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\s1 12/01/2006 0.42 4 bytes Hidden from Windows API.
HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\s2 12/01/2006 0.42 4 bytes Hidden from Windows API.
HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\g0 12/01/2006 0.42 32 bytes Hidden from Windows API.
HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\h0 12/01/2006 0.42 4 bytes Hidden from Windows API.
HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 12/01/2006 1.00 0 bytes Hidden from Windows API.
C:\Documents and Settings\xpsg\Recent\corel.lnk 12/01/2006 0.42 484 bytes Visible in Windows API, but not in MFT or directory index.
C:\Documents and Settings\xpsg\Recent\README.lnk 13/01/2006 23.57 677 bytes Hidden from Windows API.
C:\Documents and Settings\xpsg\Recent\rootkit.lnk 13/01/2006 23.57 462 bytes Hidden from Windows API.
C:\Programmi\DAEMON Tools\SetupDTSB.exe 25/10/2005 8.32 104.55 KB Visible in Windows API, but not in MFT or directory index.
C:\Programmi\VVSN\VVSN.Vexe 12/01/2006 1.06 105.00 KB Visible in Windows API, but not in MFT or directory index.
C:\System Volume Information\_restore{867AAE22-072C-4B80-93A0-80D2067670D1}\RP61\A0003972.exe 25/10/2005 8.32 104.55 KB Visible in Windows API, but not in MFT or directory index.
C:\System Volume Information\_restore{867AAE22-072C-4B80-93A0-80D2067670D1}\RP61\A0003973.lnk 13/01/2006 23.57 484 bytes Hidden from Windows API.
C:\WINDOWS\Prefetch\NOTEPAD.EXE-336351A9.pf 13/01/2006 23.57 60.29 KB Hidden from Windows API.
C:\WINDOWS\Prefetch\RUNDLL32.EXE-1F7723C1.pf 13/01/2006 23.56 79.13 KB Hidden from Windows API.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\System* 12/01/2006 0.26 0 bytes Key name contains embedded nulls (*)
HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\s0 12/01/2006 0.42 4 bytes Hidden from Windows API.
HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\s1 12/01/2006 0.42 4 bytes Hidden from Windows API.
HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\s2 12/01/2006 0.42 4 bytes Hidden from Windows API.
HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\g0 12/01/2006 0.42 32 bytes Hidden from Windows API.
HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\h0 12/01/2006 0.42 4 bytes Hidden from Windows API.
HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 12/01/2006 1.00 0 bytes Hidden from Windows API.
C:\Documents and Settings\xpsg\Recent\corel.lnk 12/01/2006 0.42 484 bytes Visible in Windows API, but not in MFT or directory index.
C:\Documents and Settings\xpsg\Recent\README.lnk 13/01/2006 23.57 677 bytes Hidden from Windows API.
C:\Documents and Settings\xpsg\Recent\rootkit.lnk 13/01/2006 23.57 462 bytes Hidden from Windows API.
C:\Programmi\DAEMON Tools\SetupDTSB.exe 25/10/2005 8.32 104.55 KB Visible in Windows API, but not in MFT or directory index.
C:\Programmi\VVSN\VVSN.Vexe 12/01/2006 1.06 105.00 KB Visible in Windows API, but not in MFT or directory index.
C:\System Volume Information\_restore{867AAE22-072C-4B80-93A0-80D2067670D1}\RP61\A0003972.exe 25/10/2005 8.32 104.55 KB Visible in Windows API, but not in MFT or directory index.
C:\System Volume Information\_restore{867AAE22-072C-4B80-93A0-80D2067670D1}\RP61\A0003973.lnk 13/01/2006 23.57 484 bytes Hidden from Windows API.
C:\WINDOWS\Prefetch\NOTEPAD.EXE-336351A9.pf 13/01/2006 23.57 60.29 KB Hidden from Windows API.
C:\WINDOWS\Prefetch\RUNDLL32.EXE-1F7723C1.pf 13/01/2006 23.56 79.13 KB Hidden from Windows API.
