Rootkit Revealer scan

C

chicchio

Hello !
I have Windows 2000 Pro SP4 on an old laptop, Pentium II 333 MHz.
The PC seems OK, I have Symantec AV CE 10 and Kerio Personal Firewall, and I
connct via a Netgear router with built-in firewall.
I have made a scan with Rootkit Revealer on this system, and here are the
results:

HKU\S-1-5-21-2025429265-507921405-1060284298-500\RemoteAccess\InternetProfile
27/05/2007 20.05 7 bytes Data mismatch between Windows API and raw hive data.
HKLM\SECURITY\Policy\Secrets\SAC* 20/08/2005 10.53 0 bytes Key name contains
embedded nulls (*)
HKLM\SECURITY\Policy\Secrets\SAI* 20/08/2005 10.53 0 bytes Key name contains
embedded nulls (*)
HKLM\SECURITY\Policy\Secrets\XATM:fdc80c2e-bae9-4f31-ab80-f0a62c8cf4ef*
20/08/2005 0.13 0 bytes Key name contains embedded nulls (*)
HKLM\SYSTEM\ControlSet001\Services\d347prt\Cfg\0Jf40 11/01/2000 15.35 0
bytes Hidden from Windows API.
C:\Programmi\File comuni\Symantec Shared\VirusDefs\20090928.003\vscanmsx.dat
02/10/2009 14.22 2.02 KB Hidden from Windows API.

Can someone help me to understand these results ?
Thanks, Enrico (Chicchio)
 
D

Dave Patrick

Try asking them here.

http://forum.sysinternals.com/



--

Regards,

Dave Patrick ....Please no email replies - reply in newsgroup.
Microsoft Certified Professional
Microsoft MVP [Windows]
http://www.microsoft.com/protect


"chicchio" wrote:
> Hello !
> I have Windows 2000 Pro SP4 on an old laptop, Pentium II 333 MHz.
> The PC seems OK, I have Symantec AV CE 10 and Kerio Personal Firewall, and
> I
> connct via a Netgear router with built-in firewall.
> I have made a scan with Rootkit Revealer on this system, and here are the
> results:
>
> HKUS-1-5-21-2025429265-507921405-1060284298-500RemoteAccessInternetProfile
> 27/05/2007 20.05 7 bytes Data mismatch between Windows API and raw hive
> data.
> HKLMSECURITYPolicySecretsSAC* 20/08/2005 10.53 0 bytes Key name
> contains
> embedded nulls (*)
> HKLMSECURITYPolicySecretsSAI* 20/08/2005 10.53 0 bytes Key name
> contains
> embedded nulls (*)
> HKLMSECURITYPolicySecretsXATM:fdc80c2e-bae9-4f31-ab80-f0a62c8cf4ef*
> 20/08/2005 0.13 0 bytes Key name contains embedded nulls (*)
> HKLMSYSTEMControlSet001Servicesd347prtCfgJf40 11/01/2000 15.35 0
> bytes Hidden from Windows API.
> C:programmiFile comuniSymantec
> SharedVirusDefs20090928.003vscanmsx.dat
> 02/10/2009 14.22 2.02 KB Hidden from Windows API.
>
> Can someone help me to understand these results ?
> Thanks, Enrico (Chicchio)
 
You must log in or register to reply here.

Similar threads

B
Random BSOD for years, typically after restarting
Replies
0
Views
396
BadgerMH
B
S
Windows May 1903 update error 0x8007042B - 0x2000D
Replies
0
Views
184
syuwarimansor
S
S
Windows May 1903 update error 0x8007042B - 0x2000D
Replies
0
Views
239
syuwarimansor
S
S
Re: Reg key HKEY_LOCAL_MACHINE\SECURITY is empty
Replies
3
Views
319
witan
W
AWS
IE8 Security Part V: Comprehensive Protection
Replies
0
Views
360
AWS
AWS
Back
Top Bottom