In the results of the Rootkit Scan, what do the terms "unknown ADS" and "no admin in ACL" indicate?
Printable View
In the results of the Rootkit Scan, what do the terms "unknown ADS" and "no admin in ACL" indicate?
Hello,
The RootAlyzer is an analyst tool, in general all items found by the RootAlyzer are not necessarily malicious.
Sometimes even legitimate software uses rootkit technologies. :)
How is the computer running, any particular reason you scanned for a rootkit?
Best regards.
That didn't answer his question, which is also mine. The help guide is useless, and I've been having a heckuva time trying to discover on this site what these terms mean. I very eagerly look forward to an answer.Quote:
Originally Posted by tashi
Hello,
It is my understanding that "No admin in ACL" means these items are locked from being changed even if you are an admin, which is not unusual. Spybot found and reported that those keys lacked permissions.Quote:
Originally Posted by spybot_help_is_unhelpfu
As the OP did not provide a log I asked, "How is the computer running, any particular reason you scanned for a rootkit?"
That is actually a pertinent question and sometimes direct user feedback about their computer is quite useful, then one can proceed from there.
A Technet article about alternate data streams (ADS) is informative: https://blogs.technet.microsoft.com/...reams-in-ntfs/
If you would like to post a log please start your own topic.
Thank you. :)