Results 1 to 4 of 4

Thread: What does it mean !!!!!!!!!!!!!!

  1. #1
    Junior Member
    Join Date
    May 2008
    Posts
    2

    Default What does it mean !!!!!!!!!!!!!!

    Hello everyone I am very much a novice to all this but ran the rootalyser app on my windows XP home computer and it returned the following results,is there anything here to worry about?? & if there is how do I go about sorting it out? THANKS in advance for your help
    // info: Rootkit removal help file
    // copyright: (c) 2008 Safer Networking Ltd. All rights reserved.

    :: RootAlyzer Results
    File:"No admin in ACL","C:\Documents and Settings\All Users\Application Data\Microsoft\Office\Data\81602.bpc"
    File:"No admin in ACL","C:\Documents and Settings\All Users\Application Data\Microsoft\Office\Data\OPA12.BAK"
    File:"No admin in ACL","C:\Documents and Settings\All Users\Application Data\Microsoft\Office\Data\opa12.dat"
    File:"No admin in ACL","C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Connections\Pbk\rasphone.pbk"
    Directory:"No admin in ACL","C:\System Recovery"
    Directory:"No admin in ACL","C:\Documents and Settings\All Users\Application Data\Microsoft\Office\Data"
    RegyKey:"Zero char in key name","HKEY_LOCAL_MACHINE","\SOFTWARE\Classes\CLSID\{FEE45DE2-A467-4bf9-BF2D-1411304BCD84}\","InprocServer32\0"
    // Attention: entries with a zero character will not be displayed correctly and may not work!
    RegyKey:"Zero char in key name","HKEY_LOCAL_MACHINE","\SOFTWARE\Classes\CLSID\{F8F02ADD-7366-4186-9488-C21CB8B3DCEC}\","InprocServer32\0"
    // Attention: entries with a zero character will not be displayed correctly and may not work!
    RegyKey:"Zero char in key name","HKEY_LOCAL_MACHINE","\SOFTWARE\Classes\CLSID\{EACAFCE5-B0E2-4288-8073-C02FF9619B6F}\","InprocServer32\0"
    // Attention: entries with a zero character will not be displayed correctly and may not work!
    RegyKey:"Zero char in key name","HKEY_LOCAL_MACHINE","\SOFTWARE\Classes\CLSID\{E39C35E8-7488-4926-92B2-2F94619AC1A5}\","InprocServer32\0"
    // Attention: entries with a zero character will not be displayed correctly and may not work!
    RegyKey:"Zero char in key name","HKEY_LOCAL_MACHINE","\SOFTWARE\Classes\CLSID\{DE5654CA-EB84-4df9-915B-37E957082D6D}\","InprocServer32\0"
    // Attention: entries with a zero character will not be displayed correctly and may not work!
    RegyKey:"Zero char in key name","HKEY_LOCAL_MACHINE","\SOFTWARE\Classes\CLSID\{AC3ED30B-6F1A-4bfc-A4F6-2EBDCCD34C19}\","InprocServer32\0"
    // Attention: entries with a zero character will not be displayed correctly and may not work!
    RegyKey:"Zero char in key name","HKEY_LOCAL_MACHINE","\SOFTWARE\Classes\CLSID\{948395E8-7A56-4fb1-843B-3E52D94DB145}\","InprocServer32\0"
    // Attention: entries with a zero character will not be displayed correctly and may not work!
    RegyKey:"Zero char in key name","HKEY_LOCAL_MACHINE","\SOFTWARE\Classes\CLSID\{7EB537F9-A916-4339-B91B-DED8E83632C0}\","InprocServer32\0"
    // Attention: entries with a zero character will not be displayed correctly and may not work!
    RegyKey:"Zero char in key name","HKEY_LOCAL_MACHINE","\SOFTWARE\Classes\CLSID\{74554CCD-F60F-4708-AD98-D0152D08C8B9}\","InprocServer32\0"
    // Attention: entries with a zero character will not be displayed correctly and may not work!
    RegyKey:"Zero char in key name","HKEY_LOCAL_MACHINE","\SOFTWARE\Classes\CLSID\{684373FB-9CD8-4e47-B990-5A4466C16034}\","InprocServer32\0"
    // Attention: entries with a zero character will not be displayed correctly and may not work!
    RegyKey:"Zero char in key name","HKEY_LOCAL_MACHINE","\SOFTWARE\Classes\CLSID\{604BB98A-A94F-4a5c-A67C-D8D3582C741C}\","InprocServer32\0"
    // Attention: entries with a zero character will not be displayed correctly and may not work!
    RegyKey:"Zero char in key name","HKEY_LOCAL_MACHINE","\SOFTWARE\Classes\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\","InprocServer32\0"
    // Attention: entries with a zero character will not be displayed correctly and may not work!

  2. #2
    Member of Team Spybot PepiMK's Avatar
    Join Date
    Oct 2005
    Location
    Planet Earth
    Posts
    3,601

    Default

    Which RootAlyzer version is this?

    All the file and directory entries should no longer appear in version 0.2.

    As for the others... do you have Pinnacle Studio installed?
    Looks like Pinnacle Studio 9 is hiding registration data using rootkit methods in those keys.
    Just remember, love is life, and hate is living death.
    Treat your life for what it's worth, and live for every breath
    (Black Sabbath: A National Acrobat)

  3. #3
    Junior Member
    Join Date
    May 2008
    Posts
    2

    Default

    Hi pepi the version is 0.2.0.32 and yes I do have pinnacle studio 9 installed on my computer.
    i take it there is nothing to worry about with the results then.

  4. #4
    Member of Team Spybot PepiMK's Avatar
    Join Date
    Oct 2005
    Location
    Planet Earth
    Posts
    3,601

    Default

    Exactly

    I've now documented Pinnacle Studio here and have implemented this feature (showing info on known entries inside RootAlyzer) to make it easier for the next one who stumbles across this.
    Just remember, love is life, and hate is living death.
    Treat your life for what it's worth, and live for every breath
    (Black Sabbath: A National Acrobat)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •