PDA

View Full Version : rootalyzer and spybot log



hillertop
2009-06-03, 07:50
// info: Rootkit removal help file
// copyright: (c) 2008 Safer Networking Ltd. All rights reserved.

:: RootAlyzer Results
File:"Unknown ADS","C:\Windows\winsxs\amd64_microsoft-windows-p..rastructureconsumer_31bf3856ad364e35_6.0.6001.18000_none_0ffb2a22e8cf7e13\System Diagnostics.xml:0v1ieca3Feahez0jAwxjjk5uRh:$DATA"
File:"Unknown ADS","C:\Windows\PLA\System\System Diagnostics.xml:0v1ieca3Feahez0jAwxjjk5uRh:$DATA"
File:"Unknown ADS","C:\Users\user\Pictures\2009-04-28\070.AVI:TOC.WMV:$DATA"
File:"Unknown ADS","C:\Users\user\AppData\Local\Microsoft\Windows Mail\Local Folders\Outbox\00A15E7D-0000000B.eml:OECustomProperty:$DATA"
File:"Unknown ADS","C:\Users\user\AppData\Local\Microsoft\Windows Mail\Local Folders\Outbox\1C6B061A-00000001.eml:OECustomProperty:$DATA"
File:"Unknown ADS","C:\Users\user\AppData\Local\Microsoft\Windows Mail\Local Folders\Outbox\22B60D57-0000000A.eml:OECustomProperty:$DATA"
File:"Unknown ADS","C:\Users\user\AppData\Local\Microsoft\Windows Mail\Local Folders\Outbox\2E5973B5-00000009.eml:OECustomProperty:$DATA"
File:"Unknown ADS","C:\Users\user\AppData\Local\Microsoft\Windows Mail\Local Folders\Outbox\2FF053F7-00000006.eml:OECustomProperty:$DATA"
File:"Unknown ADS","C:\Users\user\AppData\Local\Microsoft\Windows Mail\Local Folders\Outbox\369674AC-00000007.eml:OECustomProperty:$DATA"
File:"Unknown ADS","C:\Users\user\AppData\Local\Microsoft\Windows Mail\Local Folders\Outbox\382B1E56-00000005.eml:OECustomProperty:$DATA"
File:"Unknown ADS","C:\Users\user\AppData\Local\Microsoft\Windows Mail\Local Folders\Outbox\53CD71E1-00000008.eml:OECustomProperty:$DATA"
File:"Unknown ADS","C:\Users\user\AppData\Local\Microsoft\Windows Mail\Local Folders\Outbox\566B1C3D-00000002.eml:OECustomProperty:$DATA"
File:"Unknown ADS","C:\Users\user\AppData\Local\Microsoft\Windows Mail\Local Folders\Outbox\57754F2D-00000003.eml:OECustomProperty:$DATA"
File:"Unknown ADS","C:\Users\user\AppData\Local\Microsoft\Windows Mail\Local Folders\Outbox\72232B00-00000004.eml:OECustomProperty:$DATA"
File:"Unknown ADS","C:\Users\user\AppData\Local\Microsoft\Windows Mail\Local Folders\Inbox\411E499A-00000001.eml:OECustomProperty:$DATA"
File:"Unknown ADS","C:\Users\Merlika\AppData\Local\Microsoft\Windows Mail\Local Folders\Inbox\2CA47D61-00000001.eml:OECustomProperty:$DATA"
File:"Unknown ADS","C:\Users\Guest\AppData\Local\Microsoft\Windows Mail\Local Folders\Inbox\3503326F-00000001.eml:OECustomProperty:$DATA"
File:"No admin in ACL","C:\Users\All Users\Pure Networks\Log\logfile.nmctxth_exe.txt"
File:"No admin in ACL","C:\Users\All Users\Pure Networks\Log\logfile.nmctxth_exe_1.txt"
File:"No admin in ACL","C:\Users\All Users\Pure Networks\Log\logfile.nmctxth_exe_2.txt"
File:"No admin in ACL","C:\Users\All Users\Pure Networks\Log\logfile.nmctxth_exe_3.txt"
File:"No admin in ACL","C:\Users\All Users\Pure Networks\Log\logfile.nmctxth_exe_4.txt"
File:"No admin in ACL","C:\Users\All Users\Pure Networks\Log\logfile.nmsrvc_exe.txt"
File:"No admin in ACL","C:\Users\All Users\Pure Networks\Log\logfile.nmsrvc_exe_1.txt"
File:"No admin in ACL","C:\Users\All Users\Pure Networks\Log\logfile.nmsrvc_exe_2.txt"
File:"No admin in ACL","C:\Users\All Users\Pure Networks\Log\logfile.nmsrvc_exe_3.txt"
File:"No admin in ACL","C:\Users\All Users\Pure Networks\Log\logfile.nmsrvc_exe_4.txt"
File:"No admin in ACL","C:\Users\All Users\Pure Networks\Log\logfile.platformsetup_exe.txt"
File:"No admin in ACL","C:\Users\All Users\Microsoft\OFFICE\DATA\opa12.dat"
File:"Unknown ADS","C:\Users\All Users\Hewlett-Packard\Media\DVD\001.FCL:001.FCL:$DATA"
File:"No admin in ACL","C:\ProgramData\Pure Networks\Log\logfile.nmctxth_exe.txt"
File:"No admin in ACL","C:\ProgramData\Pure Networks\Log\logfile.nmctxth_exe_1.txt"
File:"No admin in ACL","C:\ProgramData\Pure Networks\Log\logfile.nmctxth_exe_2.txt"
File:"No admin in ACL","C:\ProgramData\Pure Networks\Log\logfile.nmctxth_exe_3.txt"
File:"No admin in ACL","C:\ProgramData\Pure Networks\Log\logfile.nmctxth_exe_4.txt"
File:"No admin in ACL","C:\ProgramData\Pure Networks\Log\logfile.nmsrvc_exe.txt"
File:"No admin in ACL","C:\ProgramData\Pure Networks\Log\logfile.nmsrvc_exe_1.txt"
File:"No admin in ACL","C:\ProgramData\Pure Networks\Log\logfile.nmsrvc_exe_2.txt"
File:"No admin in ACL","C:\ProgramData\Pure Networks\Log\logfile.nmsrvc_exe_3.txt"
File:"No admin in ACL","C:\ProgramData\Pure Networks\Log\logfile.nmsrvc_exe_4.txt"
File:"No admin in ACL","C:\ProgramData\Pure Networks\Log\logfile.platformsetup_exe.txt"
File:"Unknown ADS","C:\ProgramData\Hewlett-Packard\Media\DVD\001.FCL:001.FCL:$DATA"
File:"No admin in ACL","C:\Program Files (x86)\Hp\HP Software Update\Contents.dat"
File:"No admin in ACL","C:\Program Files (x86)\Hp\HP Software Update\global.js"
File:"No admin in ACL","C:\Program Files (x86)\Hp\HP Software Update\HpuFunction.dll"
File:"No admin in ACL","C:\Program Files (x86)\Hp\HP Software Update\HPWUCli.exe"
File:"No admin in ACL","C:\Program Files (x86)\Hp\HP Software Update\hpwuSchd2.exe"
File:"No admin in ACL","C:\Program Files (x86)\Hp\HP Software Update\main.hta"
File:"No admin in ACL","C:\Program Files (x86)\Hp\HP Software Update\SoftwareUpdate.dll"
File:"No admin in ACL","C:\Program Files (x86)\Hp\HP Software Update\unicows.dll"
File:"Unknown ADS","C:\PerfLogs\System\Diagnostics\20090504-0002\report.xml:Qgrg2rf1Znaluncm1kfl1xla5h:$DATA"
File:"Unknown ADS","C:\PerfLogs\System\Diagnostics\20090326-0001\report.xml:Qgrg2rf1Znaluncm1kfl1xla5h:$DATA"
Directory:"No admin in ACL","C:\Users\All Users\Microsoft\OFFICE\DATA"
Directory:"No admin in ACL","C:\ProgramData\Microsoft\OFFICE\DATA"
Directory:"No admin in ACL","C:\Program Files (x86)\Hp\HP Software Update"
RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Applets\SysTray\BattMeter\","Flyout"
RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\Wow6432Node\Microsoft\Security Center\","Svc"
Somebody's post was right erupt doesnt like vista. If I backed up my registry or made list a while ago is that good enough?:confused:

tashi
2009-06-03, 08:07
Hello hillertop,

Please see this forum's FAQ, "BEFORE you POST"(READ this Procedure BEFORE Requesting Assistance) (http://forums.spybot.info/showthread.php?t=288)

Then start a new topic providing the HJT log and a link to this thread.

Best regards. :)