
Thread: Rootkit Scan Results - Are these OK?

  1. #1
    Junior Member
    Join Date
    Dec 2014
    Posts
    1

    Just need to check to see if these are OK. Should I delete these?
    I did use Internet Explorer during the scan.

    :: RootAlyzer Results
    File:"Unknown ADS","C:\Windows\winsxs\x86_microsoft-windows-p..rastructureconsumer_31bf3856ad364e35_6.0.6002.18005_none_b5c807ab2d93d829\System Diagnostics.xml:0v1ieca3Feahez0jAwxjjk5uRh:$DATA"
    File:"Unknown ADS","C:\Windows\winsxs\x86_microsoft-windows-p..rastructureconsumer_31bf3856ad364e35_6.0.6001.18000_none_b3dc8e9f30720cdd\System Diagnostics.xml:0v1ieca3Feahez0jAwxjjk5uRh:$DATA"
    File:"Unknown ADS","C:\Windows\winsxs\x86_microsoft-windows-p..rastructureconsumer_31bf3856ad364e35_6.0.6000.16386_none_b1a5cca33386fc09\System Diagnostics.xml:0v1ieca3Feahez0jAwxjjk5uRh:$DATA"
    File:"Unknown ADS","C:\Windows\PLA\System\System Diagnostics.xml:0v1ieca3Feahez0jAwxjjk5uRh:$DATA"
    File:"No admin in ACL","C:\Users\Ted\AppData\Local\Temp\~DFD95B.tmp"
    File:"No admin in ACL","C:\Users\Ted\AppData\Local\Temp\~DFE1C3.tmp"
    File:"No admin in ACL","C:\Users\Ted\AppData\Local\Temp\~DFE313.tmp"
    File:"No admin in ACL","C:\Users\Ted\AppData\Local\Protexis\EF5A9C1C32.drv"
    File:"No admin in ACL","C:\Users\Ted\AppData\Local\Protexis\KGyGaAvL.drv"
    File:"No admin in ACL","C:\Users\Dana\AppData\Local\Protexis\04A45E2C25.drv"
    File:"No admin in ACL","C:\Users\Dana\AppData\Local\Protexis\KGyGaAvL.drv"
    File:"No admin in ACL","C:\ProgramData\Symantec\SRTSP\Quarantine"
    File:"No admin in ACL","C:\ProgramData\Real\setup\config.ini"
    File:"No admin in ACL","C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\SRTSP\Quarantine"
    File:"No admin in ACL","C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\SRTSP\SrtETmp"
    File:"No admin in ACL","C:\ProgramData\Cisco Systems\Cisco Connect\Log\logfile.CiscoConnect_exe.txt"
    File:"No admin in ACL","C:\ProgramData\Cisco Systems\Cisco Connect\Log\logfile.CiscoConnect_exe_1.txt"
    File:"No admin in ACL","C:\ProgramData\Cisco Systems\Cisco Connect\Log\logfile.CiscoConnect_exe_2.txt"
    File:"No admin in ACL","C:\ProgramData\Cisco Systems\Cisco Connect\Log\logfile.CiscoConnect_exe_3.txt"
    File:"No admin in ACL","C:\ProgramData\Cisco Systems\Cisco Connect\Log\logfile.CiscoConnect_exe_4.txt"
    File:"Unknown ADS","C:\PerfLogs\System\Diagnostics\20140731-0001\report.xml:Qgrg2rf1Znaluncm1kfl1xla5h:$DATA"
    RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\Microsoft\Security Center\Svc\","Vol"
    Last edited by SolarOne; 2014-12-09 at 23:19.

  2. #2
    tashi, Member of Team Spybot
    Join Date
    Oct 2005
    Location
    USA
    Posts
    30,955

    Hello SolarOne,

    The log appears normal so I'd just leave them be.

    In general, all items found by the RootAlyzer are not necessarily malicious; it shows items it believes to be out of the ordinary, which may give a hint of an infection.

    Sometimes even legitimate software uses rootkit technologies. How is the computer running?

    Best regards.
    Microsoft MVP Reconnect 2018-
    Windows Insider MVP 2016-2018
    Microsoft Consumer Security MVP 2006-2016
