In the results of the Rootkit Scan, what do the terms "unknown ADS" and "no admin in ACL" indicate?
Printable View
In the results of the Rootkit Scan, what do the terms "unknown ADS" and "no admin in ACL" indicate?
Hello,
The RootAlyzer is an analyst tool, in general all items found by the RootAlyzer are not necessarily malicious.
Sometimes even legitimate software uses rootkit technologies. :)
How is the computer running, any particular reason you scanned for a rootkit?
Best regards.
Hello,
It is my understanding that "No admin in ACL" means these items are locked from being changed even if you are an admin, which is not unusual. Spybot found and reported that those keys lacked permissions.
As the OP did not provide a log I asked, "How is the computer running, any particular reason you scanned for a rootkit?"
That is actually a pertinent question and sometimes direct user feedback about their computer is quite useful, then one can proceed from there.
A Technet article about alternate data streams (ADS) is informative: https://blogs.technet.microsoft.com/...reams-in-ntfs/
If you would like to post a log please start your own topic.
Thank you. :)