Rootkit Revealer log

Discussion in 'other security issues & news' started by mounty, Sep 2, 2005.

Thread Status:
Not open for further replies.
  1. mounty

    mounty Registered Member

    Joined:
    Sep 2, 2005
    Posts:
    2
    I've had a premium number dialer problem on my parents' PC this past week which I've been trying to get rid of. I wanted to search for rootkits on the system, but I've had no experience with this form of malware.
    I ran a scan with Rootkit Revealer but it's the first time I've used this program and I don't really know how to understand the log files. Would anyone be able to tell me if this log is anything to be concerned about?

    Code:
    HKLM\SOFTWARE\Classes\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32*	09/07/2005 18:22	0 bytes	Key name contains embedded nulls (*)
    HKLM\SOFTWARE\Classes\CLSID\{604BB98A-A94F-4a5c-A67C-D8D3582C741C}\InprocServer32*	09/07/2005 18:22	0 bytes	Key name contains embedded nulls (*)
    HKLM\SOFTWARE\Classes\CLSID\{684373FB-9CD8-4e47-B990-5A4466C16034}\InprocServer32*	09/07/2005 18:22	0 bytes	Key name contains embedded nulls (*)
    HKLM\SOFTWARE\Classes\CLSID\{74554CCD-F60F-4708-AD98-D0152D08C8B9}\InprocServer32*	09/07/2005 18:22	0 bytes	Key name contains embedded nulls (*)
    HKLM\SOFTWARE\Classes\CLSID\{7EB537F9-A916-4339-B91B-DED8E83632C0}\InprocServer32*	09/07/2005 18:22	0 bytes	Key name contains embedded nulls (*)
    HKLM\SOFTWARE\Classes\CLSID\{948395E8-7A56-4fb1-843B-3E52D94DB145}\InprocServer32*	09/07/2005 18:22	0 bytes	Key name contains embedded nulls (*)
    HKLM\SOFTWARE\Classes\CLSID\{AC3ED30B-6F1A-4bfc-A4F6-2EBDCCD34C19}\InprocServer32*	09/07/2005 18:22	0 bytes	Key name contains embedded nulls (*)
    HKLM\SOFTWARE\Classes\CLSID\{DE5654CA-EB84-4df9-915B-37E957082D6D}\InprocServer32*	09/07/2005 18:22	0 bytes	Key name contains embedded nulls (*)
    HKLM\SOFTWARE\Classes\CLSID\{E39C35E8-7488-4926-92B2-2F94619AC1A5}\InprocServer32*	09/07/2005 18:22	0 bytes	Key name contains embedded nulls (*)
    HKLM\SOFTWARE\Classes\CLSID\{EACAFCE5-B0E2-4288-8073-C02FF9619B6F}\InprocServer32*	09/07/2005 18:22	0 bytes	Key name contains embedded nulls (*)
    HKLM\SOFTWARE\Classes\CLSID\{F8F02ADD-7366-4186-9488-C21CB8B3DCEC}\InprocServer32*	09/07/2005 18:22	0 bytes	Key name contains embedded nulls (*)
    HKLM\SOFTWARE\Classes\CLSID\{FEE45DE2-A467-4bf9-BF2D-1411304BCD84}\InprocServer32*	09/07/2005 18:22	0 bytes	Key name contains embedded nulls (*)
    C:\WINDOWS\Debug\UserMode\userenv.log	01/09/2005 23:32	214 bytes	Hidden from Windows API.
    

    thanks for the help
    tim
     
    Last edited: Sep 2, 2005
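For reading a log like the one posted above, an added example (not part of the original post, and not code from RootkitRevealer): a Python parser that splits each row into the four tab-separated columns seen in the posted log (path, timestamp, size, description) and counts findings per description, keeping any row it cannot parse. The day-first date format, the size units and the `HKLM`/`HKU` prefixes used to tell registry rows from file rows are assumptions.

```python
import re
from collections import Counter
from datetime import datetime
from typing import NamedTuple

class Finding(NamedTuple):
    path: str
    when: datetime
    size_bytes: int
    description: str
    kind: str  # "registry" or "file"

UNITS = {"bytes": 1, "KB": 1024, "MB": 1024**2, "GB": 1024**3}  # assumed units
SIZE_RE = re.compile(r"^(\d+(?:\.\d+)?)\s*(bytes|KB|MB|GB)$")
HIVES = ("HKLM\\", "HKU\\")  # assumed registry path prefixes

def parse_line(line, date_fmt="%d/%m/%Y %H:%M"):
    """Parse one row; day-first dates are an assumption (depends on the PC's locale)."""
    fields = [f.strip() for f in line.split("\t")]
    size = SIZE_RE.match(fields[2]) if len(fields) == 4 else None
    if size is None:
        return None  # wrong column count or unrecognised size column
    try:
        when = datetime.strptime(fields[1], date_fmt)
    except ValueError:
        return None
    kind = "registry" if fields[0].upper().startswith(HIVES) else "file"
    nbytes = int(float(size.group(1)) * UNITS[size.group(2)])
    return Finding(fields[0], when, nbytes, fields[3], kind)

def parse_log(text):  # returns (findings, rejected) so bad rows are never dropped silently
    findings, rejected = [], []
    for line in filter(str.strip, text.splitlines()):
        f = parse_line(line)
        if f is None:
            rejected.append(line)
        else:
            findings.append(f)
    return findings, rejected

def summarize(findings):  # count rows per (kind, description)
    return Counter((f.kind, f.description) for f in findings)

# Rows 1-3 are copied from the posted log; row 4 is a constructed malformed line.
SAMPLE = "\n".join("\t".join(r) for r in [
    (r"HKLM\SOFTWARE\Classes\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32*", "09/07/2005 18:22", "0 bytes", "Key name contains embedded nulls (*)"),
    (r"HKLM\SOFTWARE\Classes\CLSID\{604BB98A-A94F-4a5c-A67C-D8D3582C741C}\InprocServer32*", "09/07/2005 18:22", "0 bytes", "Key name contains embedded nulls (*)"),
    (r"C:\WINDOWS\Debug\UserMode\userenv.log", "01/09/2005 23:32", "214 bytes", "Hidden from Windows API."),
    ("not a RootkitRevealer row",),
])
```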
  2. thismayhelp

    thismayhelp Guest

  3. mounty

    mounty Registered Member

    Joined:
    Sep 2, 2005
    Posts:
    2
    thanks for the link ;)
    I don't know much about rootkits so I suppose I will look into it if no one is able to help - I really want to find out about these entries that came up
     
  4. lotuseclat79

    lotuseclat79 Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    5,390
  5. BlueZannetti

    BlueZannetti Registered Member

    Joined:
    Oct 19, 2003
    Posts:
    6,590
    mounty,

    Aside from RootkitRevealer, what tools have you used to try to address this problem?

    Blue
     