Slow pc and 1 possible rootkit found



asanguy
2014-05-22, 15:05
Hi

Could you cast an eye over my log from yesterday please.

Thank you.

:: RootAlyzer Results
File:"Hidden file","C:\Windows\"
File:"Unknown ADS","C:\Windows\PLA\System\System Diagnostics.xml:0v1ieca3Feahez0jAwxjjk5uRh:$DATA"
File:"No admin in ACL","C:\Users\All Users\Microsoft\OFFICE\DATA"
File:"No admin in ACL","C:\Users\All Users\Microsoft\OFFICE\DATA\opa12.dat"
File:"Invisible to Win32","C:\Users\Ali\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\X19ZG1BJ\clients[1].txt"
File:"No admin in ACL","C:\ProgramData\Microsoft\OFFICE\DATA"
File:"Unknown ADS","C:\PerfLogs\System\Diagnostics\ALI-TOSH_20140113-000002\report.xml:Qgrg2rf1Znaluncm1kfl1xla5h:$DATA"
File:"Unknown ADS","C:\PerfLogs\System\Diagnostics\ALI-TOSH_20140113-000001\report.xml:Qgrg2rf1Znaluncm1kfl1xla5h:$DATA"

tashi
2014-05-22, 17:46
Hello asanguy,

Those are System Diagnostics, Microsoft OFFICE and Temporary Internet Files, not a rootkit. :)

Kind regards.

asanguy
2014-05-22, 18:27
Thank you Tashi.

Just wanted to be sure as I don't use RootAlyzer very often, but was quite surprised when it suggested there might be a problem. :thanks:

tashi
2014-05-22, 19:17
Doesn't hurt to check. :bigthumb:

In general, all items found by the RootAlyzer are not necessarily malicious; it shows items which it believes to be out of the ordinary and may give a hint of an infection.

Sometimes legitimate software uses rootkit technologies too.

Any other issues, you mentioned in the topic title that the computer is slow?

Best regards.
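
Added example, not part of the original thread and not code from RootAlyzer: a small Python parser that groups the result lines posted above by finding type and separates each alternate data stream (ADS) name from the file that carries it. The `Kind:"finding","target"` layout is an assumption inferred from the posted log, and the function names are hypothetical.

```python
import re
from collections import defaultdict

# Lines copied from the RootAlyzer log posted in this thread.
SAMPLE = r'''
:: RootAlyzer Results
File:"Hidden file","C:\Windows\"
File:"Unknown ADS","C:\Windows\PLA\System\System Diagnostics.xml:0v1ieca3Feahez0jAwxjjk5uRh:$DATA"
File:"No admin in ACL","C:\ProgramData\Microsoft\OFFICE\DATA"
File:"Unknown ADS","C:\PerfLogs\System\Diagnostics\ALI-TOSH_20140113-000002\report.xml:Qgrg2rf1Znaluncm1kfl1xla5h:$DATA"
File:"Unknown ADS","C:\PerfLogs\System\Diagnostics\ALI-TOSH_20140113-000001\report.xml:Qgrg2rf1Znaluncm1kfl1xla5h:$DATA"
'''

# Assumed layout, inferred from the log: Kind:"finding","target"
LINE_RE = re.compile(r'^(\w+):"([^"]*)","([^"]*)"$')

def split_ads(target):
    """Split 'C:\\dir\\file:stream:$DATA' into (file, stream, stream_type)."""
    has_drive = re.match(r'[A-Za-z]:', target) is not None
    drive, rest = (target[:2], target[2:]) if has_drive else ('', target)
    parts = rest.split(':')  # the drive-letter colon is already set aside
    parts += [None] * (3 - len(parts))
    return drive + parts[0], parts[1], parts[2]

def parse_results(text):
    """Group findings by type; header and unparseable lines are skipped."""
    findings = defaultdict(list)
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if m:
            path, stream, stream_type = split_ads(m.group(3))
            findings[m.group(2)].append(
                {'kind': m.group(1), 'path': path,
                 'stream': stream, 'stream_type': stream_type})
    return dict(findings)

def files_per_stream(findings):
    """Map each ADS name to the files carrying it, so a recurring name is visible."""
    by_name = defaultdict(list)
    for item in findings.get('Unknown ADS', []):
        by_name[item['stream']].append(item['path'])
    return dict(by_name)

if __name__ == '__main__':
    results = parse_results(SAMPLE)
    for finding, items in results.items():
        print(f'{finding}: {len(items)}')
    for name, files in files_per_stream(results).items():
        print(f'  stream {name} on {len(files)} file(s)')
```
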

asanguy
2014-05-23, 19:39
No other issues found. Have scanned with Malwarebytes and Spybot. McAfee found 6 or so viruses in email attachments but they were never opened emails and were quarantined anyway. Other than that it's just massively slow.

tashi
2014-05-23, 20:27
Hi asanguy,


"Other than that it's just massively slow."

You could post at a tech site for advice about that issue, for instance this forum at What The Tech: Microsoft Windows (http://forums.whatthetech.com/index.php?showforum=119) :)