
Rootkit Revealer - help

ale2handro


Rootkit Revealer - help, 28.02.2005. at 00:32

After scanning the HDD with Rootkit Revealer v1.01, I got results stating that all three of my partitions are hidden from the Win API?!

Do I need to do anything about this, and what?

Thanks.

ale2handro


Re: Rootkit Revealer - help, 28.02.2005. at 00:42

The above was my first post and I forgot the scan results:

--------------------------------------------------------------------------------
HKLM\SYSTEM\ControlSet001\Control\Class\{4D36E965-E325-11CE-BFC1-08002BE10318}\Properties 12/24/2004 13:30 0 bytes Access is denied.
HKLM\SYSTEM\ControlSet001\Control\Class\{4D36E967-E325-11CE-BFC1-08002BE10318}\Properties 12/24/2004 13:30 0 bytes Access is denied.
HKLM\SYSTEM\ControlSet001\Control\Class\{4D36E968-E325-11CE-BFC1-08002BE10318}\Properties 12/24/2004 13:30 0 bytes Access is denied.
HKLM\SYSTEM\ControlSet001\Control\Class\{4D36E969-E325-11CE-BFC1-08002BE10318}\Properties 12/24/2004 13:30 0 bytes Access is denied.
HKLM\SYSTEM\ControlSet001\Control\Class\{4D36E96A-E325-11CE-BFC1-08002BE10318}\Properties 12/24/2004 13:30 0 bytes Access is denied.
HKLM\SYSTEM\ControlSet001\Control\Class\{4D36E97B-E325-11CE-BFC1-08002BE10318}\Properties 12/24/2004 13:30 0 bytes Access is denied.
HKLM\SYSTEM\ControlSet001\Control\Class\{4D36E980-E325-11CE-BFC1-08002BE10318}\Properties 12/24/2004 13:30 0 bytes Access is denied.
HKLM\SYSTEM\ControlSet001\Services\MRxDAV\EncryptedDirectories 12/24/2004 12:39 0 bytes Access is denied.
HKLM\SYSTEM\ControlSet003\Control\Class\{4D36E965-E325-11CE-BFC1-08002BE10318}\Properties 12/24/2004 13:30 0 bytes Access is denied.
HKLM\SYSTEM\ControlSet003\Control\Class\{4D36E967-E325-11CE-BFC1-08002BE10318}\Properties 12/24/2004 13:30 0 bytes Access is denied.
HKLM\SYSTEM\ControlSet003\Control\Class\{4D36E968-E325-11CE-BFC1-08002BE10318}\Properties 12/24/2004 13:30 0 bytes Access is denied.
HKLM\SYSTEM\ControlSet003\Control\Class\{4D36E969-E325-11CE-BFC1-08002BE10318}\Properties 12/24/2004 13:30 0 bytes Access is denied.
HKLM\SYSTEM\ControlSet003\Control\Class\{4D36E96A-E325-11CE-BFC1-08002BE10318}\Properties 12/24/2004 13:30 0 bytes Access is denied.
HKLM\SYSTEM\ControlSet003\Control\Class\{4D36E97B-E325-11CE-BFC1-08002BE10318}\Properties 12/24/2004 13:30 0 bytes Access is denied.
HKLM\SYSTEM\ControlSet003\Control\Class\{4D36E980-E325-11CE-BFC1-08002BE10318}\Properties 12/24/2004 13:30 0 bytes Access is denied.
HKLM\SYSTEM\ControlSet003\Services\MRxDAV\EncryptedDirectories 12/24/2004 12:39 0 bytes Access is denied.
C:\$AttrDef 12/24/2004 13:25 2.50 KB Hidden from Windows API.
C:\$BadClus 12/24/2004 13:25 0 bytes Hidden from Windows API.
C:\$BadClus:$Bad 12/24/2004 13:25 19.53 GB Hidden from Windows API.
C:\$Bitmap 12/24/2004 13:25 625.09 KB Hidden from Windows API.
C:\$Boot 12/24/2004 13:25 8.00 KB Hidden from Windows API.
C:\$Extend 12/24/2004 13:25 0 bytes Hidden from Windows API.
C:\$Extend\$ObjId 12/24/2004 13:25 0 bytes Hidden from Windows API.
C:\$Extend\$Quota 12/24/2004 13:25 0 bytes Hidden from Windows API.
C:\$Extend\$Reparse 12/24/2004 13:25 0 bytes Hidden from Windows API.
C:\$LogFile 12/24/2004 13:25 64.00 MB Hidden from Windows API.
C:\$MFT 12/24/2004 13:25 87.72 MB Hidden from Windows API.
C:\$MFTMirr 12/24/2004 13:25 4.00 KB Hidden from Windows API.
C:\$Secure 12/24/2004 13:25 0 bytes Hidden from Windows API.
C:\$UpCase 12/24/2004 13:25 128.00 KB Hidden from Windows API.
C:\$Volume 12/24/2004 13:25 0 bytes Hidden from Windows API

--------------------------------------------------------------------------------

Sorry about that. :)

Sundance


Re: Rootkit Revealer - help, 01.03.2005. at 10:49

If you had read, in that link in that thread about RootkitRevealer, which files NTFS uses for housekeeping, you wouldn't be asking questions like this :)

http://www.ntfs.com/ntfs-system-files.htm

As for 4D36E968-E325-11CE-BFC1-08002BE10318, a Google search says it is the GUID of the nvidia driver, so there is no reason for alarm :>
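A triage sketch for the kind of report pasted above, added here as an example and not part of the original thread or of RootkitRevealer: it separates root-level NTFS metadata files and "Access is denied" rows from everything else, which is left for manual review. The row layout is assumed from the pasted output; `classify`, `triage` and the `example.sys` row are hypothetical.

```python
import re
from collections import Counter

# Root-level NTFS metadata files (the housekeeping files the reply's link lists).
NTFS_METAFILES = {"$MFT", "$MFTMirr", "$LogFile", "$Volume", "$AttrDef", "$Bitmap",
                  "$Boot", "$BadClus", "$Secure", "$UpCase", "$Extend"}

# One report row as pasted in the thread: path, date, time, size, description.
ROW = re.compile(r"^(?P<path>.+?)\s+\d{1,2}/\d{1,2}/\d{4}\s+\d{1,2}:\d{2}\s+"
                 r"[\d.]+ (?:bytes|KB|MB|GB)\s+(?P<desc>.+?)\.?\s*$")

def classify(line):
    """Return (path, category) for one report row, or None if it is not a row."""
    m = ROW.match(line.strip())
    if m is None:
        return None
    path, desc = m["path"], m["desc"]
    if desc == "Access is denied":
        return path, "access-denied"      # scanner could not open the key; check its ACL
    if desc == "Hidden from Windows API":
        drive, sep, rest = path.partition(":\\")
        # First path component, with any ":stream" suffix removed.
        top = rest.split("\\")[0].split(":")[0]
        if sep and len(drive) == 1 and top in NTFS_METAFILES:
            return path, "ntfs-metadata"  # expected on every NTFS volume
    return path, "review"                 # anything else needs a human look

def triage(report):
    """Classify every row; return (Counter of categories, list of paths to review)."""
    rows = [r for r in map(classify, report.splitlines()) if r]
    return Counter(c for _, c in rows), [p for p, c in rows if c == "review"]

# Sample: four rows copied from the post plus one constructed row (example.sys).
SAMPLE = r"""
HKLM\SYSTEM\ControlSet001\Services\MRxDAV\EncryptedDirectories 12/24/2004 12:39 0 bytes Access is denied.
C:\$BadClus:$Bad 12/24/2004 13:25 19.53 GB Hidden from Windows API.
C:\$Extend\$Quota 12/24/2004 13:25 0 bytes Hidden from Windows API.
C:\$Volume 12/24/2004 13:25 0 bytes Hidden from Windows API
C:\WINDOWS\system32\drivers\example.sys 12/24/2004 13:25 12.00 KB Hidden from Windows API.
"""

if __name__ == "__main__":
    counts, review = triage(SAMPLE)
    print(dict(counts))
    print("review:", review)
```

Only metadata names at the root of a volume are treated as expected; a file with the same name in a subdirectory still lands in the review list.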