[ ale2handro @ 28.02.2005. 00:32 ] @
After scanning the HDD with Rootkit Revealer v1.01, I got results stating that all three of my partitions are hidden from the Win API?! Do I need to do anything about this, and if so, what? Thanks.
[ ale2handro @ 28.02.2005. 00:42 ] @
The above was my first post, and I forgot the scan results:
--------------------------------------------------------------------------------
HKLM\SYSTEM\ControlSet001\Control\Class\{4D36E965-E325-11CE-BFC1-08002BE10318}\Properties 12/24/2004 13:30 0 bytes Access is denied.
HKLM\SYSTEM\ControlSet001\Control\Class\{4D36E967-E325-11CE-BFC1-08002BE10318}\Properties 12/24/2004 13:30 0 bytes Access is denied.
HKLM\SYSTEM\ControlSet001\Control\Class\{4D36E968-E325-11CE-BFC1-08002BE10318}\Properties 12/24/2004 13:30 0 bytes Access is denied.
HKLM\SYSTEM\ControlSet001\Control\Class\{4D36E969-E325-11CE-BFC1-08002BE10318}\Properties 12/24/2004 13:30 0 bytes Access is denied.
HKLM\SYSTEM\ControlSet001\Control\Class\{4D36E96A-E325-11CE-BFC1-08002BE10318}\Properties 12/24/2004 13:30 0 bytes Access is denied.
HKLM\SYSTEM\ControlSet001\Control\Class\{4D36E97B-E325-11CE-BFC1-08002BE10318}\Properties 12/24/2004 13:30 0 bytes Access is denied.
HKLM\SYSTEM\ControlSet001\Control\Class\{4D36E980-E325-11CE-BFC1-08002BE10318}\Properties 12/24/2004 13:30 0 bytes Access is denied.
HKLM\SYSTEM\ControlSet001\Services\MRxDAV\EncryptedDirectories 12/24/2004 12:39 0 bytes Access is denied.
HKLM\SYSTEM\ControlSet003\Control\Class\{4D36E965-E325-11CE-BFC1-08002BE10318}\Properties 12/24/2004 13:30 0 bytes Access is denied.
HKLM\SYSTEM\ControlSet003\Control\Class\{4D36E967-E325-11CE-BFC1-08002BE10318}\Properties 12/24/2004 13:30 0 bytes Access is denied.
HKLM\SYSTEM\ControlSet003\Control\Class\{4D36E968-E325-11CE-BFC1-08002BE10318}\Properties 12/24/2004 13:30 0 bytes Access is denied.
HKLM\SYSTEM\ControlSet003\Control\Class\{4D36E969-E325-11CE-BFC1-08002BE10318}\Properties 12/24/2004 13:30 0 bytes Access is denied.
HKLM\SYSTEM\ControlSet003\Control\Class\{4D36E96A-E325-11CE-BFC1-08002BE10318}\Properties 12/24/2004 13:30 0 bytes Access is denied.
HKLM\SYSTEM\ControlSet003\Control\Class\{4D36E97B-E325-11CE-BFC1-08002BE10318}\Properties 12/24/2004 13:30 0 bytes Access is denied.
HKLM\SYSTEM\ControlSet003\Control\Class\{4D36E980-E325-11CE-BFC1-08002BE10318}\Properties 12/24/2004 13:30 0 bytes Access is denied.
HKLM\SYSTEM\ControlSet003\Services\MRxDAV\EncryptedDirectories 12/24/2004 12:39 0 bytes Access is denied.
C:\$AttrDef 12/24/2004 13:25 2.50 KB Hidden from Windows API.
C:\$BadClus 12/24/2004 13:25 0 bytes Hidden from Windows API.
C:\$BadClus:$Bad 12/24/2004 13:25 19.53 GB Hidden from Windows API.
C:\$Bitmap 12/24/2004 13:25 625.09 KB Hidden from Windows API.
C:\$Boot 12/24/2004 13:25 8.00 KB Hidden from Windows API.
C:\$Extend 12/24/2004 13:25 0 bytes Hidden from Windows API.
C:\$Extend\$ObjId 12/24/2004 13:25 0 bytes Hidden from Windows API.
C:\$Extend\$Quota 12/24/2004 13:25 0 bytes Hidden from Windows API.
C:\$Extend\$Reparse 12/24/2004 13:25 0 bytes Hidden from Windows API.
C:\$LogFile 12/24/2004 13:25 64.00 MB Hidden from Windows API.
C:\$MFT 12/24/2004 13:25 87.72 MB Hidden from Windows API.
C:\$MFTMirr 12/24/2004 13:25 4.00 KB Hidden from Windows API.
C:\$Secure 12/24/2004 13:25 0 bytes Hidden from Windows API.
C:\$UpCase 12/24/2004 13:25 128.00 KB Hidden from Windows API.
C:\$Volume 12/24/2004 13:25 0 bytes Hidden from Windows API
--------------------------------------------------------------------------------
Sorry about that. :)
[ Sundance @ 01.03.2005. 10:49 ] @
If you had read, in that link in that thread about RootkitRevealer, which files NTFS uses for housekeeping, you wouldn't be asking questions like this :)
http://www.ntfs.com/ntfs-system-files.htm
As for 4D36E968-E325-11CE-BFC1-08002BE10318, a Google search says it is the GUID of the nvidia driver, so there is no reason for alarm :>
Copyright (C) 2001-2025 by www.elitesecurity.org. All rights reserved.
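The point made in the reply above, that the "Hidden from Windows API" entries are NTFS housekeeping files, can be checked mechanically. The following Python script is an added example, not part of the thread and not RootkitRevealer's own code: it parses report lines in the layout posted above and separates hidden entries that are NTFS metadata files in the volume root from everything else. The names `triage` and `is_ntfs_metafile` are hypothetical, the last two sample lines are constructed, and registry "Access is denied" entries are simply left in the review list.

```python
import re

# NTFS metadata files kept in the volume root (see the ntfs.com page linked above).
NTFS_ROOT_METAFILES = {"$mft", "$mftmirr", "$logfile", "$volume", "$attrdef",
                       "$bitmap", "$boot", "$badclus", "$secure", "$upcase", "$extend"}
# Metadata files stored under X:\$Extend ($UsnJrnl is not in the posted report).
EXTEND_CHILDREN = {"$objid", "$quota", "$reparse", "$usnjrnl"}

# One report entry: path, date, time, size, description (layout as posted above).
ENTRY = re.compile(
    r"^(?P<path>.+?)\s+\d{1,2}/\d{1,2}/\d{4}\s+\d{1,2}:\d{2}\s+"
    r"[\d.]+ (?:bytes|KB|MB|GB)\s+(?P<desc>.+?)\.?$")

# First four lines are from the posted report; the last two are constructed.
SAMPLE = r"""C:\$MFT 12/24/2004 13:25 87.72 MB Hidden from Windows API.
C:\$BadClus:$Bad 12/24/2004 13:25 19.53 GB Hidden from Windows API.
C:\$Extend\$Quota 12/24/2004 13:25 0 bytes Hidden from Windows API.
HKLM\SYSTEM\ControlSet001\Services\MRxDAV\EncryptedDirectories 12/24/2004 12:39 0 bytes Access is denied.
C:\WINDOWS\system32\example_hidden.sys 12/24/2004 13:25 12.00 KB Hidden from Windows API.
C:\WINDOWS\$MFT 12/24/2004 13:25 4.00 KB Hidden from Windows API.
"""

def is_ntfs_metafile(path):
    """True only for X:\\$Name in the volume root or a known X:\\$Extend child."""
    m = re.match(r"^[A-Za-z]:\\([^\\]+)(?:\\([^\\]+))?$", path)
    if not m:
        return False
    top = m.group(1).split(":", 1)[0].lower()   # drop a ':$Bad' style stream name
    child = m.group(2)
    if child is None:
        return top in NTFS_ROOT_METAFILES
    return top == "$extend" and child.split(":", 1)[0].lower() in EXTEND_CHILDREN

def triage(report_text):
    """Split entries into expected NTFS metadata and entries needing review."""
    expected, review = [], []
    for line in report_text.splitlines():
        m = ENTRY.match(line.strip())
        if not m:
            continue  # separators and blank lines
        path, desc = m.group("path"), m.group("desc")
        if desc == "Hidden from Windows API" and is_ntfs_metafile(path):
            expected.append(path)
        else:
            review.append((path, desc))
    return expected, review

if __name__ == "__main__":
    ok, todo = triage(SAMPLE)
    print("expected NTFS metadata:", ok)
    print("needs review:", todo)
```

A `$`-prefixed name only counts when it sits in the volume root, which is why the constructed `C:\WINDOWS\$MFT` line ends up in the review list.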