Posted: Mon Nov 26, 2007 9:35 pm Post subject: Can someone tell me if this shows a rootkit? Thanks!
Can someone tell me if this shows a rootkit? Thanks!
HKLM\SECURITY\Policy\Secrets\SAC* 8/25/2006 10:28 AM 0 bytes Key name contains embedded nulls (*)
HKLM\SECURITY\Policy\Secrets\SAI* 8/25/2006 10:28 AM 0 bytes Key name contains embedded nulls (*)
HKLM\SECURITY\Policy\Secrets\SCM:{148f1a14-53f3-4074-a573-e1ccd344e1d0}* 8/25/2006 10:11 AM 0 bytes Key name contains embedded nulls (*)
HKLM\SECURITY\Policy\Secrets\SCM:{76db1bf3-e820-4765-a1b2-0b16a86b1950}* 7/14/2007 6:13 PM 0 bytes Key name contains embedded nulls (*)
HKLM\SOFTWARE\McAfee\VSCore\On Access Scanner\McShield\szLastScanned 11/26/2007 10:56 AM 46 bytes Windows API length not consistent with raw hive data.
HKLM\SOFTWARE\McAfee\VSCore\On Access Scanner\McShield\dwFilesScanned 11/26/2007 10:56 AM 4 bytes Data mismatch between Windows API and raw hive data.
HKLM\SOFTWARE\Microsoft\Cryptography\RNG\Seed 11/26/2007 10:56 AM 80 bytes Data mismatch between Windows API and raw hive data.
HKLM\SOFTWARE\Microsoft\Microsoft SQL Server\MSFW\MSSQLServer\uptime_time_utc 11/26/2007 10:55 AM 8 bytes Data mismatch between Windows API and raw hive data.
HKLM\SYSTEM\ControlSet001\Services\UPS\Status\TotalUPSRuntime 11/26/2007 10:56 AM 4 bytes Data mismatch between Windows API and raw hive data.
C:\WINDOWS\SoftwareDistribution\DataStore\Logs\tmp.edb 11/26/2007 10:58 AM 64.00 KB Hidden from Windows API.
You can post new topics in this forum You can reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum You can attach files in this forum You can download files in this forum
Forum FAQ
Search
Usergroups
Profile
Login to check your private messages
Login
