Unknown ADS... but I can't find it.



livinNxtc
2010-01-02, 15:10
I just ran RootAlyzer for the first time and there is an Unknown ADS. But when I looked for it myself, I cannot find it. How am I supposed to remove it if it is hidden? Here is my log.

// info: Rootkit removal help file
// copyright: (c) 2008-2009 Safer-Networking Ltd. All rights reserved.

:: RootAlyzer Results
File:"Unknown ADS","C:\Users\All Users\Temp:F35A93AD:$DATA"
File:"No admin in ACL","C:\Users\All Users\Microsoft\OFFICE\DATA\81602.bpc"
File:"No admin in ACL","C:\Users\All Users\Microsoft\OFFICE\DATA\OPA12.BAK"
File:"No admin in ACL","C:\Users\All Users\Microsoft\OFFICE\DATA\opa12.dat"
File:"No admin in ACL","C:\Program Files\HP\HP Software Update\Contents.dat"
File:"No admin in ACL","C:\Program Files\HP\HP Software Update\global.js"
File:"No admin in ACL","C:\Program Files\HP\HP Software Update\HpuFunction.dll"
File:"No admin in ACL","C:\Program Files\HP\HP Software Update\HPWUCli.exe"
File:"No admin in ACL","C:\Program Files\HP\HP Software Update\hpwuSchd2.exe"
File:"No admin in ACL","C:\Program Files\HP\HP Software Update\main.hta"
File:"No admin in ACL","C:\Program Files\HP\HP Software Update\SoftwareUpdate.dll"
File:"No admin in ACL","C:\Program Files\HP\HP Software Update\unicows.dll"
Directory:"No admin in ACL","C:\Users\All Users\Microsoft\OFFICE\DATA"
Directory:"No admin in ACL","C:\ProgramData\Microsoft\OFFICE\DATA"
Directory:"No admin in ACL","C:\Program Files\HP\HP Software Update"

If anyone has any suggestions, I would really appreciate it. I'm very worried. All of my scans come up with nothing, yet I have found myself being denied access to things, and remote access things have come up as 'exceptions' on my firewall....
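
Added example, not part of the original post and not Safer-Networking's code: a small Python parser for the result lines in the log above. It splits the "Unknown ADS" path into host object, stream name and stream type, which shows the stream is attached to the Temp directory itself rather than being a separate file, so browsing the folder shows nothing. The names `parse_log`, `split_stream` and `named_streams` are hypothetical, and the sample is constructed from three lines of the posted log.

```python
import re
from typing import NamedTuple, Optional

# Constructed sample: header plus three result lines in the format of the posted log.
SAMPLE_LOG = r'''
:: RootAlyzer Results
File:"Unknown ADS","C:\Users\All Users\Temp:F35A93AD:$DATA"
File:"No admin in ACL","C:\Program Files\HP\HP Software Update\global.js"
Directory:"No admin in ACL","C:\ProgramData\Microsoft\OFFICE\DATA"
'''

# Result lines look like: Kind:"finding","path"
LINE_RE = re.compile(r'^(File|Directory):"([^"]*)","([^"]*)"$')

class Finding(NamedTuple):
    kind: str
    finding: str
    host_path: str               # file or directory the stream is attached to
    stream: Optional[str]        # named stream, None if the path has none
    stream_type: Optional[str]   # e.g. $DATA

def split_stream(path):
    """Split 'host:stream:$TYPE' into parts, skipping the drive-letter colon."""
    has_drive = re.match(r'^[A-Za-z]:', path) is not None
    drive, rest = (path[:2], path[2:]) if has_drive else ('', path)
    # ':' is not valid inside an NTFS file name, so any colon left in
    # 'rest' separates the host object from a stream specifier.
    parts = rest.split(':')
    stream = parts[1] if len(parts) > 1 else None
    stype = parts[2] if len(parts) > 2 else None
    return drive + parts[0], stream, stype

def parse_log(text):
    """Return a Finding for every result line; headers and comments are skipped."""
    findings = []
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if m:
            kind, finding, path = m.groups()
            findings.append(Finding(kind, finding, *split_stream(path)))
    return findings

def named_streams(findings):
    """Keep only entries carrying a non-empty (alternate) stream name."""
    return [f for f in findings if f.stream]

if __name__ == "__main__":
    for f in named_streams(parse_log(SAMPLE_LOG)):
        print(f"{f.finding}: stream {f.stream!r} ({f.stream_type}) on {f.host_path}")
```

On the machine itself, `dir /r` (Windows Vista and later) displays alternate data streams in a directory listing.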

Matt
2010-01-02, 17:59
Hi livinNxtc,

:welcome: to Safer Networking Forums.

Please delete your temp files with ATF Cleaner (http://www.atribune.org/index.php?option=com_content&task=view&id=25&Itemid=25), scan your computer with RootAlyzer again and tell me if you still have this Unknown ADS.