PDA

View Full Version : Are the found items really Rootkit?



ilpiolo81
2013-03-29, 17:52
Hi! I'm new here so sorry if I'm not writing in the right section. Someone can help me?

Many thanks!!

// info: Rootkit removal help file
// copyright: (c) 2008-2013 Safer-Networking Ltd. All rights reserved.

:: RootAlyzer Results
File:"No admin in ACL","C:\System Recovery"
File:"No admin in ACL","C:\Documents and Settings\Utente\Dati applicazioni\Tribal Masks"
File:"No admin in ACL","C:\Documents and Settings\Utente\Dati applicazioni\Trumpet Section"
File:"No admin in ACL","C:\Documents and Settings\Utente\Dati applicazioni\Tuner"
File:"No admin in ACL","C:\Documents and Settings\All Users\Dati applicazioni\deskjet"
File:"No admin in ACL","C:\Documents and Settings\All Users\Dati applicazioni\filter"
File:"No admin in ACL","C:\Documents and Settings\All Users\Dati applicazioni\howto"
File:"No admin in ACL","C:\Documents and Settings\All Users\Dati applicazioni\PKP_DLes.DAT"
File:"No admin in ACL","C:\Documents and Settings\All Users\Dati applicazioni\PKP_DLet.DAT"
File:"No admin in ACL","C:\Documents and Settings\All Users\Dati applicazioni\PKP_DLev.DAT"
File:"No admin in ACL","C:\Documents and Settings\All Users\Dati applicazioni\User Loops"
File:"No admin in ACL","C:\Documents and Settings\All Users\Dati applicazioni\User Pictures"
File:"No admin in ACL","C:\Documents and Settings\All Users\Dati applicazioni\Utilities"
File:"No admin in ACL","C:\Documents and Settings\All Users\Dati applicazioni\Ultima_T15\reg_configek.stn"
File:"No admin in ACL","C:\Documents and Settings\All Users\Dati applicazioni\Ultima_T15\reg_configel.stn"
File:"No admin in ACL","C:\Documents and Settings\All Users\Dati applicazioni\Ultima_T15\reg_configen.stn"
File:"No admin in ACL","C:\Documents and Settings\All Users\Dati applicazioni\Microsoft\Network\Connections\Pbk\HUAWEI.pbk"
File:"No admin in ACL","C:\Documents and Settings\All Users\Dati applicazioni\EnterNHelp\hxcw.xxc"
File:"No admin in ACL","C:\Documents and Settings\All Users\Dati applicazioni\EnterNHelp\hxcx.xxc"
File:"No admin in ACL","C:\Documents and Settings\All Users\Dati applicazioni\EnterNHelp\hxcz.xxc"
File:"No admin in ACL","C:\Documents and Settings\All Users\Dati applicazioni\EnterNHelp\hxdu.xxb"
File:"No admin in ACL","C:\Documents and Settings\All Users\Dati applicazioni\EnterNHelp\hxdv.xxb"
File:"No admin in ACL","C:\Documents and Settings\All Users\Dati applicazioni\EnterNHelp\hxdx.xxb"

spybotsandra
2013-04-02, 17:10
Hello,

That are no Rootkits, that are some hidden Application Data files.

If you get ‘No admin in ACL’ this threads in our forum should help explaining:
Unknown ADS and no Admin in ACL what is good and what is bad??? (http://forums.spybot.info/showthread.php?t=27446)
and
Unknown ADS (http://forums.spybot.info/showthread.php?t=68086) .

Malware sometimes uses rootkit technology to hide itself at system level.
This makes it undetectable by standard tools. Our plugins help Spybot – Search & Destroy to detect this form of malware.
Our Rootkit Scanner tool shows anything that uses certain rootkit technologies. But items with rootkit properties detected here are not necessarily malware. Sometimes, legit software uses rootkit technologies to hide registration data or other things it does not want the user to see in any case. So please keep in mind that the Rootkit Scanner only flags suspicious stuff, not identifying just bad stuff.

The deletion is final and can not be recovered through the Quarantine.
If you still want to remove the found items it is strongly recommend to create a system restore point (http://windows.microsoft.com/en-US/windows-vista/System-Restore-frequently-asked-questions) before doing that.

Best regards
Sandra
Team Spybot