Rootkit scan log



Hedwig
2012-12-30, 14:21
Hi, I just ran a rootkit scan and got the following things, and I'm thankful if someone can help me out with it.



// info: Rootkit removal help file
// copyright: (c) 2008-2012 Safer-Networking Ltd. All rights reserved.

:: RootAlyzer Results
File:"No admin in ACL","C:\Windows\winsxs\msil_system.windows.forms_b77a5c561934e089_6.1.7601.21949_none_ee7d1c9d19d30450\System.Windows.Forms.dll"
File:"No admin in ACL","C:\Windows\winsxs\msil_system.design_b03f5f7f11d50a3a_6.1.7601.21949_none_72db44b9d967ee2c\System.Design.dll"
File:"No admin in ACL","C:\Windows\winsxs\msil_system.design.resources_b03f5f7f11d50a3a_6.1.7601.21949_fi-fi_2cc6d69cf29a53d6\System.Design.resources.dll"
File:"No admin in ACL","C:\Windows\winsxs\msil_system.design.resources_b03f5f7f11d50a3a_6.1.7601.17798_fi-fi_439995bad8ee5891\System.Design.resources.dll"
File:"No admin in ACL","C:\Windows\winsxs\amd64_netfx-system.windows.forms_b03f5f7f11d50a3a_6.1.7601.21949_none_6ca6817095062b29\System.Windows.Forms.dll"
File:"No admin in ACL","C:\Windows\winsxs\amd64_netfx-system.design_b03f5f7f11d50a3a_6.1.7601.21949_none_73ef0f422f3bd4bf\System.Design.dll"
File:"No admin in ACL","C:\Windows\assembly\GAC_MSIL\System.Design.resources\2.0.0.0_fi_b03f5f7f11d50a3a\System.Design.resources.dll"
File:"Unknown ADS","C:\Users\All Users\Temp:07BF512B:$DATA"
File:"Unknown ADS","C:\Users\All Users\Temp:D287FACF:$DATA"
File:"Unknown ADS","C:\Users\All Users\Temp:D3A96964:$DATA"
File:"No admin in ACL","C:\Users\All Users\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\SRTSP\SrtETmp"
File:"No admin in ACL","C:\Users\All Users\AVG2012\log\history.xml"
File:"No admin in ACL","C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\SRTSP\SrtETmp"
File:"No admin in ACL","C:\ProgramData\AVG2012\log\history.xml"
RegyValue:"Zero char in key name","HKEY_LOCAL_MACHINE","\SOFTWARE\Classes\","{057C7771-F320-4C2A-A2EA-747945FA82F2}\0"
// Attention: entries with a zero character will not be displayed correctly and may not work!
RegyValue:"Zero char in key name","HKEY_LOCAL_MACHINE","\SOFTWARE\Classes\","{47BF077C-44C6-42B1-8F88-ADE2585DD2ED}\0"
// Attention: entries with a zero character will not be displayed correctly and may not work!
RegyValue:"Zero char in key name","HKEY_LOCAL_MACHINE","\SOFTWARE\Classes\","{97A98033-9FA1-4E80-A339-59787B43CC89}\0"
// Attention: entries with a zero character will not be displayed correctly and may not work!
RegyValue:"Zero char in key name","HKEY_LOCAL_MACHINE","\SOFTWARE\Classes\","{A82EB336-567D-4F41-A63E-8113AD8B6903}\0"
// Attention: entries with a zero character will not be displayed correctly and may not work!
RegyValue:"Zero char in key name","HKEY_LOCAL_MACHINE","\SOFTWARE\Classes\","{C4B20040-7D5A-4558-9E19-B7DF94366F97}\0"
// Attention: entries with a zero character will not be displayed correctly and may not work!
RegyValue:"Zero char in key name","HKEY_LOCAL_MACHINE","\SOFTWARE\Classes\Wow6432Node\","{057C7771-F320-4C2A-A2EA-747945FA82F2}\0"
// Attention: entries with a zero character will not be displayed correctly and may not work!
RegyValue:"Zero char in key name","HKEY_LOCAL_MACHINE","\SOFTWARE\Classes\Wow6432Node\","{47BF077C-44C6-42B1-8F88-ADE2585DD2ED}\0"
// Attention: entries with a zero character will not be displayed correctly and may not work!
RegyValue:"Zero char in key name","HKEY_LOCAL_MACHINE","\SOFTWARE\Classes\Wow6432Node\","{97A98033-9FA1-4E80-A339-59787B43CC89}\0"
// Attention: entries with a zero character will not be displayed correctly and may not work!
RegyValue:"Zero char in key name","HKEY_LOCAL_MACHINE","\SOFTWARE\Classes\Wow6432Node\","{A82EB336-567D-4F41-A63E-8113AD8B6903}\0"
// Attention: entries with a zero character will not be displayed correctly and may not work!
RegyValue:"Zero char in key name","HKEY_LOCAL_MACHINE","\SOFTWARE\Classes\Wow6432Node\","{C4B20040-7D5A-4558-9E19-B7DF94366F97}\0"
// Attention: entries with a zero character will not be displayed correctly and may not work!

spybotsandra
2013-01-03, 12:10
Hello,

The only things that seem suspicious are probably the temp files.
File:"Unknown ADS","C:\Users\All Users\Temp:07BF512B:$DATA"
File:"Unknown ADS","C:\Users\All Users\Temp:D287FACF:$DATA"
File:"Unknown ADS","C:\Users\All Users\Temp:D3A96964:$DATA"

If you decide to delete them, I would recommend creating a system restore point first before doing so.

Best regards
Sandra
Team Spybot