Results 1 to 2 of 2

Thread: Rootkit Scan results

  1. #1
    Junior Member
    Join Date
    Jul 2013
    Posts
    1

    Default Rootkit Scan results

    I did a deep scan and wondering if anything listed is harmful or not.

    Code:
    // info: Rootkit removal help file
    // copyright: (c) 2008-2013 Safer-Networking Ltd. All rights reserved.
    
    :: RootAlyzer Results
    File:"Hidden file","C:\Windows\0ù¤"
    File:"Unknown ADS","C:\ProgramData:gs5sys:$DATA"
    File:"Unknown ADS","C:\Users\All Users:gs5sys:$DATA"
    File:"Unknown ADS","C:\Users\Emanuel:gs5sys:$DATA"
    File:"Unknown ADS","C:\Users\Public\Pictures\desktop.ini:gs5sys:$DATA"
    File:"Unknown ADS","C:\Users\Public\Documents\desktop.ini:gs5sys:$DATA"
    File:"Unknown ADS","C:\Users\Emanuel\Documents\desktop.ini:gs5sys:$DATA"
    File:"Unknown ADS","C:\Users\Emanuel\Desktop\desktop.ini:gs5sys:$DATA"
    File:"Unknown ADS","C:\Users\Emanuel\AppData\Local:gs5sys:$DATA"
    File:"Unknown ADS","C:\Users\Emanuel\AppData\Local:LR26N4tjCJ1cd9x8rJbr:$DATA"
    File:"Unknown ADS","C:\Users\Emanuel\AppData\Roaming:gs5sys:$DATA"
    File:"No admin in ACL","C:\Users\Emanuel\AppData\Roaming\Real\Update\UpgradeHelper"
    File:"No admin in ACL","C:\Users\Emanuel\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer"
    File:"No admin in ACL","C:\Users\Emanuel\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\9.11"
    File:"Unknown ADS","C:\Users\Emanuel\AppData\Roaming\Microsoft\Windows\Cookies:gs5sys:$DATA"
    File:"Unknown ADS","C:\Users\Emanuel\AppData\Roaming\Microsoft\Windows\Templates:gs5sys:$DATA"
    File:"Unknown ADS","C:\Users\Emanuel\AppData\Roaming\Microsoft\Windows\Recent\desktop.ini:gs5sys:$DATA"
    File:"Unknown ADS","C:\Users\Emanuel\AppData\Local\ajnqnjafY:vdSX62BoSDDpKaIGmqfX:$DATA"
    File:"Unknown ADS","C:\Users\Emanuel\AppData\Local\Microsoft\Windows\History:gs5sys:$DATA"
    File:"Unknown ADS","C:\Users\All Users\TEMP:5C321E34:$DATA"
    File:"Unknown ADS","C:\Users\All Users\TEMP:9A870F8B:$DATA"
    File:"No admin in ACL","C:\Users\All Users\Real\setup\config.ini"
    File:"No admin in ACL","C:\Users\All Users\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\SRTSP\Quarantine"
    File:"No admin in ACL","C:\Users\All Users\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\SRTSP\SrtETmp"
    File:"No admin in ACL","C:\ProgramData\Real\setup\config.ini"
    File:"No admin in ACL","C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\SRTSP\Quarantine"
    File:"No admin in ACL","C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\SRTSP\SrtETmp"

  2. #2
    Member of Team Spybot tashi's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    30,955

    Default

    Hello Xellon,

    Quote Originally Posted by Yodama View Post
    An unknown MBR just means that RootAlyzer does not know this pattern, this can have various reasons, for instance usage of a bootloader.
    In general all items found by the RootAlyzer are not necessarily malicious. The RootAlyzer shows items which it believes to be out of the ordinary and may give a hint for an infection.
    The RootAlyzer is an analyst tool, it is not a scan and fix tool like the System or File Scan.
    http://forums.spybot.info/showthread...l=1#post442397

    Is this a personal computer and how is the machine running in general?

    Best regards.
    Microsoft MVP Reconnect 2018-
    Windows Insider MVP 2016-2018
    Microsoft Consumer Security MVP 2006-2016

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •