这是我用rootkitrevealer 扫的日志.楼主帮看看,是不是存在rootkit病毒?
HKLM\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\ 2005-8-18 9:20 0 bytes Key name contains embedded nulls (*)
HKLM\SOFTWARE\Classes\BDATuner. 2005-9-18 22:18 0 bytes Key name contains embedded nulls (*)
HKLM\SOFTWARE\Classes\BDATuner. 2005-9-18 22:18 0 bytes Key name contains embedded nulls (*)
HKLM\SOFTWARE\Classes\Flash.Debug 2005-12-11 20:06 0 bytes Key name contains embedded nulls (*)
HKLM\SOFTWARE\Classes\Flash.Video 2005-12-11 20:06 0 bytes Key name contains embedded nulls (*)
HKLM\SOFTWARE\Classes\Save 2005-8-18 9:20 0 bytes Key name contains embedded nulls (*)
HKLM\SOFTWARE\Classes\ 2005-9-18 22:58 0 bytes Key name contains embedded nulls (*)
HKLM\SOFTWARE\Classes\ 2005-8-18 9:20 0 bytes Key name contains embedded nulls (*)
HKLM\SOFTWARE\Classes\ 2005-8-18 9:22 0 bytes Key name contains embedded nulls (*)
HKLM\SOFTWARE\Classes\ 2005-8-18 9:20 0 bytes Key name contains embedded nulls (*)
HKLM\SOFTWARE\Classes\ 2005-8-18 9:22 0 bytes Key name contains embedded nulls (*)
HKLM\SOFTWARE\Classes\ 2005-8-18 9:20 0 bytes Key name contains embedded nulls (*)
HKLM\SOFTWARE\Classes\ 2005-8-18 9:22 0 bytes Key name contains embedded nulls (*)
HKLM\SOFTWARE\Classes\ 2005-8-18 9:22 0 bytes Key name contains embedded nulls (*)
HKLM\SOFTWARE\Classes\ 2005-8-18 9:22 0 bytes Key name contains embedded nulls (*)
HKLM\SOFTWARE\Classes\ 2005-8-18 9:22 0 bytes Key name contains embedded nulls (*)
HKLM\SOFTWARE\Classes\ 2005-8-18 9:22 0 bytes Key name contains embedded nulls (*)
HKLM\SOFTWARE\Classes\ 2005-8-18 9:20 0 bytes Key name contains embedded nulls (*)
HKLM\SOFTWARE\Classes\ 2005-8-18 9:20 0 bytes Key name contains embedded nulls (*)
HKLM\SOFTWARE\Classes\ 2005-8-18 9:22 0 bytes Key name contains embedded nulls (*)
HKLM\SOFTWARE\Classes\ 2005-8-18 9:20 0 bytes Key name contains embedded nulls (*)
HKLM\SOFTWARE\Classes\ 2005-8-18 9:20 0 bytes Key name contains embedded nulls (*)
HKLM\SOFTWARE\Classes\ 2005-8-18 9:20 0 bytes Key name contains embedded nulls (*)
HKLM\SOFTWARE\Classes\ 2005-8-18 9:20 0 bytes Key name contains embedded nulls (*)
HKLM\SOFTWARE\Classes\ 2005-8-18 9:22 0 bytes Key name contains embedded nulls (*)
HKLM\SOFTWARE\Classes\ 2005-8-18 9:22 0 bytes Key name contains embedded nulls (*)
HKLM\SOFTWARE\Classes\ 2005-8-18 9:22 0 bytes Key name contains embedded nulls (*)
HKLM\SOFTWARE\Classes\ 2005-8-18 9:22 0 bytes Key name contains embedded nulls (*)
HKLM\SOFTWARE\Classes\ 2005-8-18 9:20 0 bytes Key name contains embedded nulls (*)
HKLM\SOFTWARE\Classes\ 2005-8-18 9:22 0 bytes Key name contains embedded nulls (*)
HKLM\SOFTWARE\Classes\ 2005-8-18 9:22 0 bytes Key name contains embedded nulls (*)
HKLM\SOFTWARE\Classes\ 2005-8-18 9:22 0 bytes Key name contains embedded nulls (*)
HKLM\SOFTWARE\Classes\ 2005-8-18 9:22 0 bytes Key name contains embedded nulls (*)
HKLM\SOFTWARE\Classes\ 2005-8-18 9:22 0 bytes Key name contains embedded nulls (*)
HKLM\SOFTWARE\Classes\ 2005-8-18 9:22 0 bytes Key name contains embedded nulls (*)
HKLM\SOFTWARE\Classes\ 2005-8-18 9:22 0 bytes Key name contains embedded nulls (*)
HKLM\SOFTWARE\Classes\ 2005-8-18 9:22 0 bytes Key name contains embedded nulls (*)
HKLM\SOFTWARE\Classes\ 2005-8-18 9:20 0 bytes Key name contains embedded nulls (*)
HKLM\SOFTWARE\Classes\ 2005-8-18 9:22 0 bytes Key name contains embedded nulls (*)
HKLM\SOFTWARE\Classes\ 2005-8-18 9:22 0 bytes Key name contains embedded nulls (*)
HKLM\SOFTWARE\Classes\ 2005-8-18 9:20 0 bytes Key name contains embedded nulls (*)
HKLM\SOFTWARE\Classes\ 2005-8-18 9:20 0 bytes Key name contains embedded nulls (*)
HKLM\SOFTWARE\Classes\ 2005-8-18 9:20 0 bytes Key name contains embedded nulls (*)
HKLM\SOFTWARE\Classes\ 2005-8-18 9:22 0 bytes Key name contains embedded nulls (*)
HKLM\SOFTWARE\Classes\ 2005-8-18 9:22 0 bytes Key name contains embedded nulls (*)
HKLM\SOFTWARE\Classes\ 2005-8-18 9:22 0 bytes Key name contains embedded nulls (*)
HKLM\SOFTWARE\Classes\ 2005-8-18 9:22 0 bytes Key name contains embedded nulls (*)
HKLM\SOFTWARE\Classes\ 2005-8-18 9:22 0 bytes Key name contains embedded nulls (*)
HKLM\SOFTWARE\Classes\ 2005-8-18 9:22 0 bytes Key name contains embedded nulls (*)
HKLM\SOFTWARE\Classes\ 2005-8-18 9:22 0 bytes Key name contains embedded nulls (*)
HKLM\SOFTWARE\Classes\ 2005-8-18 9:22 0 bytes Key name contains embedded nulls (*)
HKLM\SOFTWARE\Classes\ 2005-8-18 9:22 0 bytes Key name contains embedded nulls (*)
HKLM\SOFTWARE\Classes\ 2005-8-18 9:22 0 bytes Key name contains embedded nulls (*)
HKLM\SOFTWARE\Classes\ 2005-8-18 9:22 0 bytes Key name contains embedded nulls (*)
HKLM\SOFTWARE\Classes\ 2005-8-18 9:22 0 bytes Key name contains embedded nulls (*)
HKLM\SOFTWARE\Classes\ 2005-8-18 9:22 0 bytes Key name contains embedded nulls (*)
HKLM\SOFTWARE\Classes\ 2005-8-18 9:22 0 bytes Key name contains embedded nulls (*)
HKLM\SOFTWARE\Classes\ 2005-8-18 9:22 0 bytes Key name contains embedded nulls (*)
HKLM\SOFTWARE\Classes\ 2005-8-18 9:22 0 bytes Key name contains embedded nulls (*)
HKLM\SOFTWARE\Classes\ 2005-8-18 9:22 0 bytes Key name contains embedded nulls (*)
HKLM\SOFTWARE\Classes\ 2005-8-18 9:22 0 bytes Key name contains embedded nulls (*)
HKLM\SOFTWARE\Lenovo\ 2005-9-18 17:28 0 bytes Key name contains embedded nulls (*)
HKLM\SOFTWARE\Lenovo\ 2005-9-18 17:21 0 bytes Key name contains embedded nulls (*)
HKLM\SOFTWARE\Lenovo\ 2005-9-18 17:34 0 bytes Key name contains embedded nulls (*)
HKLM\SOFTWARE\Lenovo\ 2005-9-18 17:07 0 bytes Key name contains embedded nulls (*)
HKLM\SOFTWARE\Lenovo\ 2005-9-18 17:34 0 bytes Key name contains embedded nulls (*)
HKLM\SOFTWARE\Lenovo\ 2005-8-18 10:00 0 bytes Key name contains embedded nulls (*)
HKLM\SOFTWARE\Lenovo\ 2005-9-18 17:05 0 bytes Key name contains embedded nulls (*)
HKLM\SOFTWARE\Microsoft\Cryptography\RNG\Seed 2005-12-14 18:50 80 bytes Data mismatch between Windows API and raw hive data.
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Documents and Settings^All Users^ 2005-12-11 13:30 0 bytes Key name contains embedded nulls (*)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Adobe Photoshop 7.0 2005-9-25 0:02 0 bytes Key name contains embedded nulls (*)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\VolumeCaches\ 2003-10-20 11:34 0 bytes Key name contains embedded nulls (*)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Adobe Photoshop 7.0 2005-9-19 21:41 0 bytes Key name contains embedded nulls (*)
HKLM\SOFTWARE\ODBC\ODBCINST.INI\Conversor de p 2005-9-18 17:24 0 bytes Key name contains embedded nulls (*)
HKLM\SOFTWARE\ODBC\ODBCINST.INI\MS Code Page- 2005-9-18 17:24 0 bytes Key name contains embedded nulls (*)
HKLM\SOFTWARE\Ulead Systems\ 2005-9-18 17:33 0 bytes Key name contains embedded nulls (*)
HKLM\SOFTWARE\YingSoft\YingInstall\http://www.mmsk.cn\ 2005-12-11 13:30 0 bytes Key name contains embedded nulls (*)
HKLM\SOFTWARE\ 2005-8-18 9:31 0 bytes Key name contains embedded nulls (*)
HKLM\SOFTWARE\ 2005-8-18 10:01 0 bytes Key name contains embedded nulls (*)
C:\System Volume Information\_restore{D7CF3D9E-189B-4FD5-AB28-4C52C51EE0EE}\RP206\A0024302.ini 2005-12-7 18:37 1.01 KB Hidden from Windows API.
C:\System Volume Information\_restore{D7CF3D9E-189B-4FD5-AB28-4C52C51EE0EE}\RP206\A0024303.ini 2005-12-7 18:37 664 bytes Hidden from Windows API.
C:\System Volume Information\_restore{D7CF3D9E-189B-4FD5-AB28-4C52C51EE0EE}\RP206\A0024304.INI 2005-12-7 18:37 67 bytes Hidden from Windows API.
C:\WINDOWS\Prefetch\XDICT.EXE-3AF5923A.pf 2005-12-14 18:53 38.69 KB Hidden from Windows API.E: 1601-1-1 8:00 0 bytes Error mounting volumeF: 1601-1-1 8:00 0 bytes Error mounting volume其中主要是最后粗体的几项