Thread: Search for rootkits - No admin in ACL

  1. #1
    Junior Member
    Join Date
    Apr 2013
    Posts
    4

    Search for rootkits - No admin in ACL

    Hi,
    I found this report again and again when starting a search for rootkits:

    Quick Scan results : 2 MBRs checked : unknow MBRS physical drive 1

    Deep scan results :

    HKLM\SYSTEM\CurrentControlSet\Control\Nsi\{eb004a11-9b1a-11d4-9123-0050047759bc}\

    No admin in ACL

    HKLM\SYSTEM\ControlSet001\Control\Nsi\{eb004a11-9b1a-11d4-9123-0050047759bc}\

    No admin in ACL

    \??\C:\Users\Emmanuelle\AppData\Local\Temp\~DF54FF7F60968F308E.TMP

    No admin in ACL

    \??\C:\Users\Emmanuelle\AppData\Local\Temp\~DF7959C770A1F9289C.TMP

    No admin in ACL

    \??\C:\Users\Emmanuelle\AppData\Local\Temp\~DF8C43CB3A5B053C9D.TMP

    No admin in ACL

    \??\C:\Users\Emmanuelle\AppData\Local\Temp\~DFB5F4947BBDC7CB34.TMP

    No admin in ACL

    AND I just replaced my hard drive with a brand new one. AND I just reinstalled Windows.
    I ran Spybot just after and here is the result.
    I have been hacked before on this PC.
    Is there something wrong with the machine itself, as I just changed my hard drive?
    Thank you.

  2. #2
    Senior Member
    Join Date
    Oct 2005
    Location
    Germany
    Posts
    5,263

    Hello,

    The quick scan items are ok, they just report another drive besides the C drive on your system.

    Malware sometimes uses rootkit technology to hide itself at system level.
    This makes it undetectable by standard tools. Our plugins help Spybot – Search & Destroy to detect this form of malware.
    Our Rootkit Scanner tool shows anything that uses certain rootkit technologies. But items with rootkit properties detected here are not necessarily malware. Sometimes, legit software uses rootkit technologies to hide registration data or other things it does not want the user to see in any case. So please keep in mind that the Rootkit Scanner only flags suspicious stuff, not identifying just bad stuff.

    If you get ‘No admin in ACL’, these threads in our forum should help explain it:
    Unknown ADS and no Admin in ACL
    Unknown ADS

    So if you decide to remove the found items please remember:

    The deletion is final and cannot be recovered through the Quarantine.
    If you still want to remove the found items, it is strongly recommended to create a system restore point before doing that.

    Best regards
    Sandra
    Team Spybot
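
Added example, not part of the thread and not Spybot's own code: a PowerShell check of whether items from the scan report in post #1 carry an allow entry for the Administrators group. It assumes that this is what "No admin in ACL" refers to (the thread does not define it); `Test-AdminAce` is a hypothetical helper name, and the temporary file is a constructed sample.

```powershell
# Assumption: "No admin in ACL" means the item's DACL has no allow ACE
# for BUILTIN\Administrators. Spybot's real logic is not shown in the thread.
$AdminSid = 'S-1-5-32-544'   # well-known SID of BUILTIN\Administrators, same in every UI language

function Test-AdminAce {     # hypothetical helper name
    param([Parameter(Mandatory)][string]$LiteralPath)

    $result = [pscustomobject]@{ Path = $LiteralPath; Status = $null; Owner = $null }
    try {
        $acl = Get-Acl -LiteralPath $LiteralPath -ErrorAction Stop
    } catch {
        # Missing item (temp file already deleted) or an ACL that denies read access
        $result.Status = 'could not read ACL: ' + $_.Exception.Message
        return $result
    }
    $result.Owner = $acl.Owner

    # Explicit and inherited rules, identities returned as SIDs instead of localized names
    $rules = $acl.GetAccessRules($true, $true, [System.Security.Principal.SecurityIdentifier])
    $allow = @($rules | Where-Object {
        $_.IdentityReference.Value -eq $AdminSid -and $_.AccessControlType -eq 'Allow'
    })
    $result.Status = if ($allow.Count -gt 0) { 'admin ACE present' } else { 'no admin ACE' }
    return $result
}

# Constructed sample: a fresh temp file, to show what an ordinary item reports
$sample = [System.IO.Path]::GetTempFileName()

# Items copied from the report in post #1 (registry paths in PowerShell provider
# form, file paths without the "\??\" prefix), plus the constructed sample
$flagged = @(
    'HKLM:\SYSTEM\CurrentControlSet\Control\Nsi\{eb004a11-9b1a-11d4-9123-0050047759bc}',
    'HKLM:\SYSTEM\ControlSet001\Control\Nsi\{eb004a11-9b1a-11d4-9123-0050047759bc}',
    'C:\Users\Emmanuelle\AppData\Local\Temp\~DF54FF7F60968F308E.TMP',
    'C:\Users\Emmanuelle\AppData\Local\Temp\~DF7959C770A1F9289C.TMP',
    $sample
)

$flagged | ForEach-Object { Test-AdminAce -LiteralPath $_ } | Format-List
Remove-Item -LiteralPath $sample
```

The owner column helps with triage: an item owned by a system account or by the logged-in user's own session is a different finding from one owned by an unknown SID.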

  3. #3
    Junior Member
    Join Date
    Apr 2013
    Posts
    4

    Hi
    I only have one hard drive; does that mean that quick scan found that I have another one? Sorry but this is Chinese to me. ???

  4. #4
    Senior Member
    Join Date
    Oct 2005
    Location
    Germany
    Posts
    5,263

    Hello,

    Where do you have your hard drive?
    On "C"?

    Best regards
    Sandra
    Team Spybot

  5. #5
    Junior Member
    Join Date
    Apr 2013
    Posts
    4

    Yes, my hard drive is on C. ...? Why does Spybot detect 2 MBRs (Unknown MBRs: physical drive 1) ...? This is strange, isn't it?

  6. #6
    Junior Member
    Join Date
    Apr 2013
    Posts
    4

    So? Can anyone explain? Is it possible that malware directly infects the machine itself even if I change the hard drive?
    Otherwise, why does Spybot report 2 MBRs and other strange stuff when deep scanning?
