Rootkit Revealer log

Discussion in 'other security issues & news' started by mounty, Sep 2, 2005.

Thread Status:
Not open for further replies.
  1. mounty

    mounty Registered Member

    Joined:
    Sep 2, 2005
    Posts:
    2
    I've had a premium number dialer problem on my parents' PC this past week which I've been trying to get rid of. I wanted to search for rootkits on the system, but I've had no experience with this form of malware.
    I ran a scan with Rootkit Revealer but it's the first time I've used this program and I don't really know how to understand the log files. Would anyone be able to tell me if this log is anything to be concerned about?

    Code:
    HKLM\SOFTWARE\Classes\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32*	09/07/2005 18:22	0 bytes	Key name contains embedded nulls (*)
    HKLM\SOFTWARE\Classes\CLSID\{604BB98A-A94F-4a5c-A67C-D8D3582C741C}\InprocServer32*	09/07/2005 18:22	0 bytes	Key name contains embedded nulls (*)
    HKLM\SOFTWARE\Classes\CLSID\{684373FB-9CD8-4e47-B990-5A4466C16034}\InprocServer32*	09/07/2005 18:22	0 bytes	Key name contains embedded nulls (*)
    HKLM\SOFTWARE\Classes\CLSID\{74554CCD-F60F-4708-AD98-D0152D08C8B9}\InprocServer32*	09/07/2005 18:22	0 bytes	Key name contains embedded nulls (*)
    HKLM\SOFTWARE\Classes\CLSID\{7EB537F9-A916-4339-B91B-DED8E83632C0}\InprocServer32*	09/07/2005 18:22	0 bytes	Key name contains embedded nulls (*)
    HKLM\SOFTWARE\Classes\CLSID\{948395E8-7A56-4fb1-843B-3E52D94DB145}\InprocServer32*	09/07/2005 18:22	0 bytes	Key name contains embedded nulls (*)
    HKLM\SOFTWARE\Classes\CLSID\{AC3ED30B-6F1A-4bfc-A4F6-2EBDCCD34C19}\InprocServer32*	09/07/2005 18:22	0 bytes	Key name contains embedded nulls (*)
    HKLM\SOFTWARE\Classes\CLSID\{DE5654CA-EB84-4df9-915B-37E957082D6D}\InprocServer32*	09/07/2005 18:22	0 bytes	Key name contains embedded nulls (*)
    HKLM\SOFTWARE\Classes\CLSID\{E39C35E8-7488-4926-92B2-2F94619AC1A5}\InprocServer32*	09/07/2005 18:22	0 bytes	Key name contains embedded nulls (*)
    HKLM\SOFTWARE\Classes\CLSID\{EACAFCE5-B0E2-4288-8073-C02FF9619B6F}\InprocServer32*	09/07/2005 18:22	0 bytes	Key name contains embedded nulls (*)
    HKLM\SOFTWARE\Classes\CLSID\{F8F02ADD-7366-4186-9488-C21CB8B3DCEC}\InprocServer32*	09/07/2005 18:22	0 bytes	Key name contains embedded nulls (*)
    HKLM\SOFTWARE\Classes\CLSID\{FEE45DE2-A467-4bf9-BF2D-1411304BCD84}\InprocServer32*	09/07/2005 18:22	0 bytes	Key name contains embedded nulls (*)
    C:\WINDOWS\Debug\UserMode\userenv.log	01/09/2005 23:32	214 bytes	Hidden from Windows API.
    

    Thanks for the help
    tim
     
    Last edited: Sep 2, 2005
  2. thismayhelp

    thismayhelp Guest

  3. mounty

    mounty Registered Member

    Joined:
    Sep 2, 2005
    Posts:
    2
    Thanks for the link ;)
    I don't know much about rootkits so I suppose I will look into it if no one is able to help - I really want to find out about these entries that came up.
     
  4. lotuseclat79

    lotuseclat79 Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    5,089
  5. BlueZannetti

    BlueZannetti Administrator

    Joined:
    Oct 19, 2003
    Posts:
    6,590
    mounty,

    Aside from RootkitRevealer, what tools have you used to try to address this problem?

    Blue
     