Bobbbi
2013-04-12, 04:10
Hello to the Spybot-Team,
that's my first thread, so I hope to give all required Information in acceptable English.
I'm using an Intel Duel Core 2.16 GHz, 3 GB RAM, Win7 Ultimate 32 Bit SP1, Avira Free Antivirus, MBAM Pro and of course Spybot - Search & Destroy 2 (2.0.12.0)
I did a deep rootkit scan and that is the matching Logfile:
// info: Rootkit removal help file
// copyright: (c) 2008-2013 Safer-Networking Ltd. All rights reserved.
:: RootAlyzer Results
File:"Hidden file","C:\Windows\MSIECO"
File:"Hidden file","C:\Windows\Œ"
File:"Unknown ADS","C:\Windows\Cursors\arrow_n.cur:NEDTA.DAT:$DATA"
File:"No admin in ACL","C:\Users\All Users\Microsoft\OFFICE\DATA"
File:"No admin in ACL","C:\Users\All Users\Microsoft\OFFICE\DATA\81608.bpc"
File:"No admin in ACL","C:\Users\All Users\Microsoft\OFFICE\DATA\OPA12.BAK"
File:"No admin in ACL","C:\Users\All Users\Microsoft\OFFICE\DATA\opa12.dat"
File:"Unknown ADS","C:\Users\Ales\Documents\Scanned Documents\Begrungsscan.jpg:3or4kl4x13tuuug3Byamue2s4b:$DATA"
File:"No admin in ACL","C:\ProgramData\Microsoft\OFFICE\DATA"
RegyValue:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\LogonUI\","LogonSoundPlayed"[/CODE]I read about "No admin in ACL" and "Unknown ADS" and now in my opinion lines 4 -7 and line 9 are no malware and the RebyValue is needed by windows.
Lines 1 an 2: I've got no idea :confused:
Line 3: I'm unsure... maybe truly a needed ADS for my mouse-coursor :scratch:
Line 8: the picture exists, but I was wondering what means ":3or4kl4x13tuuug3Byamue2s4b:$DATA" :confused:
I hope you clear up my confusion. Thanks in advance!
that's my first thread, so I hope to give all required Information in acceptable English.
I'm using an Intel Duel Core 2.16 GHz, 3 GB RAM, Win7 Ultimate 32 Bit SP1, Avira Free Antivirus, MBAM Pro and of course Spybot - Search & Destroy 2 (2.0.12.0)
I did a deep rootkit scan and that is the matching Logfile:
// info: Rootkit removal help file
// copyright: (c) 2008-2013 Safer-Networking Ltd. All rights reserved.
:: RootAlyzer Results
File:"Hidden file","C:\Windows\MSIECO"
File:"Hidden file","C:\Windows\Œ"
File:"Unknown ADS","C:\Windows\Cursors\arrow_n.cur:NEDTA.DAT:$DATA"
File:"No admin in ACL","C:\Users\All Users\Microsoft\OFFICE\DATA"
File:"No admin in ACL","C:\Users\All Users\Microsoft\OFFICE\DATA\81608.bpc"
File:"No admin in ACL","C:\Users\All Users\Microsoft\OFFICE\DATA\OPA12.BAK"
File:"No admin in ACL","C:\Users\All Users\Microsoft\OFFICE\DATA\opa12.dat"
File:"Unknown ADS","C:\Users\Ales\Documents\Scanned Documents\Begrungsscan.jpg:3or4kl4x13tuuug3Byamue2s4b:$DATA"
File:"No admin in ACL","C:\ProgramData\Microsoft\OFFICE\DATA"
RegyValue:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\LogonUI\","LogonSoundPlayed"[/CODE]I read about "No admin in ACL" and "Unknown ADS" and now in my opinion lines 4 -7 and line 9 are no malware and the RebyValue is needed by windows.
Lines 1 an 2: I've got no idea :confused:
Line 3: I'm unsure... maybe truly a needed ADS for my mouse-coursor :scratch:
Line 8: the picture exists, but I was wondering what means ":3or4kl4x13tuuug3Byamue2s4b:$DATA" :confused:
I hope you clear up my confusion. Thanks in advance!