Rootkit hlasi nalezene skryte klice (keys/values)
Napsal: 18 kvě 2010 20:30
Dobry vecer,
Mohl by jste se nekdo mrknout na nize uvedeny report z rootkit skenu? Byly nalezeny nejake kousky, abych se priznala, pokousela jsem je smazat primo, ale stale tam jsou, ikdyz s ted dostaly priponu REN. Vubec tomu nerozumim a proto jsem tady a hledam radu. Trebas to nic neni, ale pro klid v dusi
Dekuji! a pridavam hooodne zkraceny report (original pro svou delku neni akceptovan).
cAfee(R) Rootkit Detective 1.1 scan report
On 29-08-2009 at 17:15:09
OS-Version 5.1.2600
Service Pack 3.0
====================================
Object-Type: Registry-key
Object-Name: 0009dd505164ystem32\drivers\aswSP.sys
Object-Path: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\BTHPORT\Parameters\Keys\0009dd505164
Status: Hidden
Object-Type: Registry-key
Object-Name: 0009dd505164.RENt001\Services\BTHPORT\Parameters\Keys\0009dd505164
Object-Path: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\BTHPORT\Parameters\Keys\0009dd505164.REN
Status: Hidden
Object-Type: Registry-key
Object-Name: 0009dd505164.REN.REN\Services\BTHPORT\Parameters\Keys\0009dd505164.REN
Object-Path: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\BTHPORT\Parameters\Keys\0009dd505164.REN.REN
Status: Hidden
Object-Type: Registry-key
Object-Name: 0009dd505164olSet001\Services\BTHPORT\Parameters\Keys\0009dd505164.REN.REN
Object-Path: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\BTHPORT\Parameters\Keys\0009dd505164
Status: Hidden
Object-Type: Registry-key
Object-Name: 0009dd505164.RENt002\Services\BTHPORT\Parameters\Keys\0009dd505164
Object-Path: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\BTHPORT\Parameters\Keys\0009dd505164.REN
Status: Hidden
Object-Type: Registry-key
Object-Name: 0009dd505164.REN.REN\Services\BTHPORT\Parameters\Keys\0009dd505164.REN
Object-Path: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\BTHPORT\Parameters\Keys\0009dd505164.REN.REN
Status: Hidden
Object-Type: Registry-key
Object-Name: 0009dd505164olSet002\Services\BTHPORT\Parameters\Keys\0009dd505164.REN.REN
Object-Path: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\BTHPORT\Parameters\Keys\0009dd505164
Status: Hidden
Object-Type: Registry-key
Object-Name: 0009dd505164.RENt001\Services\BTHPORT\Parameters\Keys\0009dd505164
Object-Path: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\BTHPORT\Parameters\Keys\0009dd505164.REN
Status: Hidden
Object-Type: Registry-key
Object-Name: 0009dd505164.REN.REN\Services\BTHPORT\Parameters\Keys\0009dd505164.REN
Object-Path: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\BTHPORT\Parameters\Keys\0009dd505164.REN.REN
Status: Hidden
Scan complete. Hidden registry keys/values: 9
Mohl by jste se nekdo mrknout na nize uvedeny report z rootkit skenu? Byly nalezeny nejake kousky, abych se priznala, pokousela jsem je smazat primo, ale stale tam jsou, ikdyz s ted dostaly priponu REN. Vubec tomu nerozumim a proto jsem tady a hledam radu. Trebas to nic neni, ale pro klid v dusi
Dekuji!
a pridavam hooodne zkraceny report (original pro svou delku neni akceptovan).cAfee(R) Rootkit Detective 1.1 scan report
On 29-08-2009 at 17:15:09
OS-Version 5.1.2600
Service Pack 3.0
====================================
Object-Type: Registry-key
Object-Name: 0009dd505164ystem32\drivers\aswSP.sys
Object-Path: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\BTHPORT\Parameters\Keys\0009dd505164
Status: Hidden
Object-Type: Registry-key
Object-Name: 0009dd505164.RENt001\Services\BTHPORT\Parameters\Keys\0009dd505164
Object-Path: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\BTHPORT\Parameters\Keys\0009dd505164.REN
Status: Hidden
Object-Type: Registry-key
Object-Name: 0009dd505164.REN.REN\Services\BTHPORT\Parameters\Keys\0009dd505164.REN
Object-Path: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\BTHPORT\Parameters\Keys\0009dd505164.REN.REN
Status: Hidden
Object-Type: Registry-key
Object-Name: 0009dd505164olSet001\Services\BTHPORT\Parameters\Keys\0009dd505164.REN.REN
Object-Path: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\BTHPORT\Parameters\Keys\0009dd505164
Status: Hidden
Object-Type: Registry-key
Object-Name: 0009dd505164.RENt002\Services\BTHPORT\Parameters\Keys\0009dd505164
Object-Path: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\BTHPORT\Parameters\Keys\0009dd505164.REN
Status: Hidden
Object-Type: Registry-key
Object-Name: 0009dd505164.REN.REN\Services\BTHPORT\Parameters\Keys\0009dd505164.REN
Object-Path: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\BTHPORT\Parameters\Keys\0009dd505164.REN.REN
Status: Hidden
Object-Type: Registry-key
Object-Name: 0009dd505164olSet002\Services\BTHPORT\Parameters\Keys\0009dd505164.REN.REN
Object-Path: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\BTHPORT\Parameters\Keys\0009dd505164
Status: Hidden
Object-Type: Registry-key
Object-Name: 0009dd505164.RENt001\Services\BTHPORT\Parameters\Keys\0009dd505164
Object-Path: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\BTHPORT\Parameters\Keys\0009dd505164.REN
Status: Hidden
Object-Type: Registry-key
Object-Name: 0009dd505164.REN.REN\Services\BTHPORT\Parameters\Keys\0009dd505164.REN
Object-Path: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\BTHPORT\Parameters\Keys\0009dd505164.REN.REN
Status: Hidden
Scan complete. Hidden registry keys/values: 9