RootkitRevealer (Problems?)

Discussion in 'other software & services' started by jpcummins, Nov 10, 2007.

Thread Status:
Not open for further replies.
  1. jpcummins

    jpcummins Registered Member

    Joined:
    Feb 20, 2006
    Posts:
    630
    Location:
    Terre Haute, IN
    I do not know enough about the program "RootkitRevealer" to be able to tell if I have a problem or not. The "RootkitRevealer" report follows:

    "HKLM\SOFTWARE\Classes\Installer\Products\32418F9EE 1126B64A90E8365B85CFCF6\ProductName 10/11/2006 12:02 PM 26 bytes Data mismatch between Windows API and raw hive data.

    HKLM\SOFTWARE\Microsoft\Cryptography\RNG\Seed 11/8/2007 4:06 PM 80 bytes Data mismatch between Windows API and raw hive data.

    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uni nstall\{E9F81423-211E-46B6-9AE0-38568BC5CF6F}\DisplayName 11/15/2006 4:20 PM 26 bytes Data mismatch between Windows API and raw hive data.

    HKLM\SYSTEM\ControlSet001\Services\a347scsi\Config \jdgg40 10/11/2006 3:44 PM 0 bytes Hidden from Windows API.

    C:\Documents and Settings\John P. Cummins\Local Settings\Temporary Internet Files\Content.IE5\K7M5A7Q9\version[1].dat 11/8/2007 4:14 PM 23 bytes Hidden from Windows API.

    C:\Documents and Settings\John P. Cummins\Local Settings\Temporary Internet Files\Content.IE5\K7M5A7Q9\wwver655[1].ini 11/8/2007 4:14 PM 34 bytes Hidden from Windows API.

    C:\Program Files\Common Files\Symantec Shared\VirusDefs\20071108.016\vscanmsx.dat 11/8/2007 4:11 PM 2.02 KB Hidden from Windows API.

    C:\System Volume Information\_restore{173E77B7-392F-44FF-A7D6-634ABAB7E00C}\RP344\A0033948.ini 11/7/2007 6:33 PM 34 bytes Hidden from Windows API.

    C:\System Volume Information\_restore{173E77B7-392F-44FF-A7D6-634ABAB7E00C}\RP344\A0033949.cfg 11/7/2007 6:33 PM 23 bytes Hidden from Windows API."

    I subsequently ran the program "AVG Anti-Rootkiller and it did not report anything wrong. I am hoping that someone knowledgeable with Rootkits will look at the report and tell me if I have anything to worry about. Any assistance and cooperation would be very much appreciated. Thanking you in advance for your replies.

    John
     
    jpcummins, Nov 10, 2007
    #1
  2. HAN

    HAN Registered Member

    Joined:
    Feb 24, 2005
    Posts:
    2,098
    Location:
    USA
    HAN, Nov 10, 2007
    #2
  3. jpcummins

    jpcummins Registered Member

    Joined:
    Feb 20, 2006
    Posts:
    630
    Location:
    Terre Haute, IN
    Han, thanks for the information. I will visit the link and hopefully learn something. Again, thanks very much.
     
    jpcummins, Nov 11, 2007
    #3
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...