Are these entries ok?



whiteboxer
2013-08-16, 18:56
Hello and thank you for your attention

I have done a ROOTKIT Scan on my computer with Spybot (free edition - Version 2.1.18.0) and
got many "Unknown ADS" (most are on png or jpg files) and three "No admin in ACL" messages.
Because I have no idea about the results, it would be very kind if you could check them and let me know.

Below are the logs

// info: Rootkit removal help file
// copyright: (c) 2008-2013 Safer-Networking Ltd. All rights reserved.

:: RootAlyzer Results
File:"Unknown ADS","Q:\FactoryRecovery\RECOVERY.INI:Done:$DATA"
File:"Unknown ADS","C:\sagyo\AgDEM250_u54j.tif:com.dropbox.attributes:$DATA"
File:"No admin in ACL","C:\Program Files (x86)\Lenovo\Lenovo Welcome\logs"
File:"Unknown ADS","C:\Dropbox\tmp\jp_gap0.png:com.dropbox.attributes:$DATA"
File:"Unknown ADS","C:\Dropbox\tmp\my_photo.jpg:com.dropbox.attributes:$DATA"
File:"Unknown ADS","C:\Dropbox\tmp\my_photo_up.tif:com.dropbox.attributes:$DATA"
File:"Unknown ADS","C:\Dropbox\tmp\x_other\mn_matrix\MN_matrix2.png:com.dropbox.attributes:$DATA"
File:"Unknown ADS","C:\Dropbox\tmp\Mesh2Map\MCODE.tif:com.dropbox.attributes:$DATA"
"Unknown ADS","C:\Dropbox\tmp\asn\mesh_points.png:com.dropbox.attributes:$DATA"
File:"Unknown ADS","C:\Dropbox\tmp\asn\result_6cases.png:com.dropbox.attributes:$DATA"
File:"Unknown ADS","C:\Dropbox\Photos\Sample Album\Costa Rican Frog.jpg:com.dropbox.attributes:$DATA"
RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Applets\SysTray\BattMeter\","Flyout"
RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\Wow6432Node\Microsoft\Security Center\","Svc"


In advance, I thank you very much for your help.

Kind regards

Muu

tashi
2013-08-16, 19:50
Hello whiteboxer,



In general, all items found by the RootAlyzer are not necessarily malicious. The RootAlyzer shows items which it believes to be out of the ordinary and may give a hint for an infection.
The RootAlyzer is an analyst tool; it is not a scan and fix tool like the System or File Scan.

It's not possible to know all legit ADS stream names but your log isn't raising a flag.

How is the computer running in general? :)

Best regards.
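
As an added example (not part of the original thread and not Spybot code), here is a small Python triage of a RootAlyzer result log in the format posted above. It groups "Unknown ADS" findings by stream name, so many hits on the same stream collapse into one entry, and it keeps other stream names and the ACL findings for manual review. The allowlist and the sample lines are assumptions constructed for illustration.

```python
import csv
from collections import defaultdict

# Constructed sample in the RootAlyzer result format shown in the post above.
SAMPLE_LOG = r'''
:: RootAlyzer Results
File:"Unknown ADS","Q:\FactoryRecovery\RECOVERY.INI:Done:$DATA"
File:"Unknown ADS","C:\Dropbox\tmp\my_photo.jpg:com.dropbox.attributes:$DATA"
"Unknown ADS","C:\Dropbox\tmp\asn\mesh_points.png:com.dropbox.attributes:$DATA"
File:"No admin in ACL","C:\Program Files (x86)\Lenovo\Lenovo Welcome\logs"
RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\Wow6432Node\Microsoft\Security Center\","Svc"
'''
# Analyst-maintained allowlist (an assumption of this example, not Spybot's own list).
KNOWN_STREAMS = {"com.dropbox.attributes", "Zone.Identifier"}

def parse_line(line):
    """Return (kind, finding, fields), or None for headers and comments."""
    line = line.strip()
    if '"' not in line or line.startswith(("//", "::")):
        return None
    kind, quote, rest = line.partition('"')       # kind is 'File:', 'RegyKey:' or ''
    fields = next(csv.reader([quote + rest]))     # backslashes stay literal
    return kind.rstrip(":") or "(no prefix)", fields[0], fields[1:]

def split_ads(path):
    """Split 'C:\\dir\\file:stream:$DATA' into (file, stream name)."""
    parts = path.rsplit(":", 2)                   # the drive-letter colon stays in parts[0]
    if len(parts) == 3 and parts[2].upper() == "$DATA":
        return parts[0], parts[1]
    return path, None

def triage(log_text, known=KNOWN_STREAMS):
    """Group ADS findings by stream name; keep everything else for manual review."""
    by_stream, review = defaultdict(list), []
    for parsed in filter(None, map(parse_line, log_text.splitlines())):
        kind, finding, fields = parsed
        file_path, stream = split_ads(fields[0]) if fields else ("", None)
        if finding == "Unknown ADS" and stream is not None:
            by_stream[stream].append(file_path)
        else:
            review.append((kind, finding, fields))
    unexplained = {s: f for s, f in by_stream.items() if s not in known}
    return dict(by_stream), unexplained, review

if __name__ == "__main__":
    streams, unexplained, review = triage(SAMPLE_LOG)
    print({name: len(files) for name, files in streams.items()}, unexplained, review)
```

A stream name that is not on the allowlist is only a prompt to look at the file, in line with the reply above that RootAlyzer items are not necessarily malicious.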

whiteboxer
2013-08-17, 10:16
tashi, thank you very much for the reply.

The PC seems to have no fatal problems. But when I use Chrome for web browsing, the sound of my computer's fan becomes very loud ...
(The sound becomes very quiet when I manually disable internet access :( )

I suspect that the computer was infected by some sort of virus or malware and scanned using several virus scanning applications (avast!, Norton, etc.).
But the application did not detect suspicious files.
So I used ROOTKIT Scan...

Do you have any suggestion what I should do? Any suggestion is welcome!

Thank you in advance.

Whiteboxer


tashi
2013-08-18, 02:37
Hello whiteboxer,


I suspect that the computer was infected by some sort of virus or malware and scanned using several virus scanning applications (avast!, Norton, etc.).

How many anti virus programs do you have installed? :)

whiteboxer
2013-08-18, 13:43
tashi, thank you for the reply!

Although I have tested several anti-virus programs, I only installed one program at a time.
Currently, I am using avast! only.
I hope this is fine.. :)

Whiteboxer

tashi
2013-08-18, 18:27
Hello Whiteboxer,

Yes, only one anti virus installed is as it should be. :bigthumb: