Rootkit Scan Results



Gwalch Y Mor
2013-12-29, 16:00
Hello.

I carried out a rootkit scan this morning and found the following:

Can someone please tell me if these are legitimate or should they be removed?


Many Thanks

Gwalch

tashi
2013-12-29, 16:47
Hello Gwalch Y Mor,

Please copy and paste the scan result (flagged items) into the thread. See other topics in this RootAlyzer (http://forums.spybot.info/forumdisplay.php?46-RootAlyzer) forum for examples. :)

Best regards.

Gwalch Y Mor
2013-12-29, 17:44
Here are the scan results :-

RootAlyzer Quick Scan Results

Files in Windows folder
----------------------------------------
718 files tested.
No hidden files detected.
========================================

Files in System folder
----------------------------------------
2817 files tested.
No hidden files detected.
========================================

Global run entries
----------------------------------------
2 keys and 5 values tested.
No hidden entries detected.
========================================

Winlogon entries
----------------------------------------
12 keys tested.
No hidden entries detected.
========================================

Invisible processes (from handles)
----------------------------------------
40 handle process IDs for 41 processes tested.
No hidden processes detected.
========================================

Invisible processes (from threads)
----------------------------------------
41 processes tested.
No hidden processes detected.
========================================









// info: Rootkit removal help file
// copyright: (c) 2008-2013 Safer-Networking Ltd. All rights reserved.

:: RootAlyzer Results
File:"No admin in ACL","C:\WINDOWS\{00000005-00000000-00000006-00001102-00000004-20021102}.CDF"
File:"No admin in ACL","C:\WINDOWS\system32\Defaults\EA0004_20021102{59639116-11D1-D955-A000-9D9D737F8EC9}.rdf"
File:"No admin in ACL","C:\WINDOWS\system32\Defaults\MX0004_20021102{1B2D3721-11d6-5795-D000-869CD73B8EB7}.rdf"
File:"No admin in ACL","C:\WINDOWS\system32\Defaults\MX0004_20021102{48FCFB81-480E-11d7-9C86-00D0B78E3BD7}.rdf"
File:"No admin in ACL","C:\WINDOWS\system32\Defaults\MX0004_20021102{59639116-11D1-D955-A000-9D9D737F8EC9}.rdf"
File:"No admin in ACL","C:\WINDOWS\system32\Defaults\MX0004_20021102{8C0F8B81-11D1-DE1A-4544-24B700005453}.rdf"
File:"No admin in ACL","C:\WINDOWS\system32\Defaults\MX0004_20021102{9D74D2A0-11D1-DAE5-A000-9D9D737F8EC9}.rdf"
File:"No admin in ACL","C:\WINDOWS\system32\Defaults\MX0004_20021102{B591EC40-11D1-DBC3-A000-9D9D737F8EC9}.rdf"
File:"No admin in ACL","C:\Documents and Settings\All Users\Application Data\Microsoft\SLDL\3b87ee8e-1763-4870-a60b-b392320ec8a0\73bacb43-a684-44dc-83a9-b3641b27f003"



Gwalch

tashi
2013-12-30, 19:14
Hello Gwalch Y Mor,

It appears Creative Sound Blaster Audigy was flagged for some reason. :) In general, all items found by the RootAlyzer are not necessarily malicious, but it shows items it believes to be out of the ordinary.

How is the computer running?

Best regards.

Gwalch Y Mor
2013-12-30, 20:12
Thanks for the reply.

Regarding the PC, well, I have had some serious problems with it. The machine started to switch off suddenly without warning and now it boots up for a couple of seconds then switches off. I think this might be a hardware issue; I will keep you posted.


Gwalch

tashi
2013-12-30, 20:24
Hi Gwalch,

Would you like the link to a tech forum to ask for advice? Free, just need to register there. :)

Gwalch Y Mor
2013-12-30, 20:39
The PC has been stripped down and inspected by someone more qualified than me. So far the motherboard looks fine, no damaged capacitors or any sign of overheating. All cables and leads are connected properly, CPU and RAM work. In the process of checking the power supply for a possible fault.

If all of the mentioned hardware turns out to be in working order, I will most certainly be interested in registering with the tech forum.

Regards

Gwalch

Gwalch Y Mor
2013-12-31, 17:54
The PC has been re-assembled with a new power supply and everything is running fine.

Apparently there was a budget power supply installed in the PC originally; this was not pushing out the correct voltages (so I have been told) and could have damaged my motherboard. It just shows that it's not a good idea to install cheap hardware into a computer.

Gwalch

tashi
2013-12-31, 18:10
:bigthumb:

Good, thank you for letting us know!