PDA

Просмотр полной версии : Кому верить?



Lamazz
13.01.2008, 09:44
GDATA RootKit Scanner пишет

http://img3.imagebanana.com/img/90faqjl6/rootkit.gif


RkUnhooker


>SSDT State
>Shadow
>Processes
>Drivers
>Stealth
>Files
Suspect File: C:\WINDOWS\SoftwareDistribution\DataStore\DataStor e.edb::$DATA Status: Hidden
Suspect File: C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb .log::$DATA Status: Hidden
>Hooks
ntoskrnl.exe+0x00004AA2, Type: Inline - RelativeJump at address 0x804DBAA2 hook handler located in [ntoskrnl.exe]
[948]HandyCache.exe-->kernel32.dll+0x00010671, Type: Inline - RelativeJump at address 0x7C810671 hook handler located in [kernel32.dll]
!!POSSIBLE ROOTKIT ACTIVITY DETECTED!! =)

AVZ

руткитов на машине не видит