Results 1 to 5 of 5

Thread: New computer rootkit deep scan results , no admin in ACL

  1. #1
    Junior Member
    Join Date
    Dec 2014
    Posts
    3

    Default New computer rootkit deep scan results , no admin in ACL

    I just got a new computer and this rootkit scan popped up . Are these something I should be concerned about.

    // info: Rootkit removal help file
    // copyright: (c) 2008-2014 Safer-Networking Ltd. All rights reserved.

    :: RootAlyzer Results
    RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SYSTEM\CurrentControlSet\Control\Nsi\{eb004a11-9b1a-11d4-9123-0050047759bc}\","8"
    RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SYSTEM\ControlSet001\Control\Nsi\{eb004a11-9b1a-11d4-9123-0050047759bc}\","8"
    RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\Wow6432Node\Microsoft\Security Center\","Svc"
    RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\Wow6432Node\Microsoft\Security Center\Svc\","Upgrade"
    RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\Wow6432Node\Microsoft\InputMethod\Jpn\","DuState"
    RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\Microsoft\Security Center\Svc\","Upgrade"
    RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\Microsoft\InputMethod\Jpn\","DuState"

    any help with this matter would be appreciated
    thanks

  2. #2
    Junior Member
    Join Date
    Dec 2014
    Posts
    3

    Default New computer rootkit deep scan results , no admin in ACL

    Are these ok or is my new machine infected
    Below is the log from my first rootkit scan. I am not very familiar with rootkit software and would appreciate an opinion about the following log.


    // info: Rootkit removal help file
    // copyright: (c) 2008-2014 Safer-Networking Ltd. All rights reserved.

    :: RootAlyzer Results
    RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SYSTEM\CurrentControlSet\Control\Nsi\{eb004a11-9b1a-11d4-9123-0050047759bc}\","8"
    RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SYSTEM\ControlSet001\Control\Nsi\{eb004a11-9b1a-11d4-9123-0050047759bc}\","8"
    RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\Wow6432Node\Microsoft\Security Center\","Svc"
    RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\Wow6432Node\Microsoft\Security Center\Svc\","Upgrade"
    RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\Wow6432Node\Microsoft\InputMethod\Jpn\","DuState"
    RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\Microsoft\Security Center\Svc\","Upgrade"
    RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\Microsoft\InputMethod\Jpn\","DuState"

    thanks for your help or opinion on this log file, not sure if this is something I need to worry about before backing up my new system.

    Thanks
    Last edited by tashi; 2015-01-03 at 05:54. Reason: Merged two posts

  3. #3
    Member of Team Spybot tashi's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    30,465

    Default

    Hello abchavez,

    Those are normal, is there any particular reason you ran a rootkit scan, how is the computer running?

    Best regards.
    Microsoft MVP Reconnect 2018-
    Windows Insider MVP 2016-2018
    Microsoft Consumer Security MVP 2006-2016

  4. #4
    Junior Member
    Join Date
    Dec 2014
    Posts
    3

    Default thread response

    I always run full scans on new computers because of a security now podcast a few years ago noting some manufactures placing rootkit based malware/ spyware on new machines. Just a precaution.
    Thank You for reviewing my log submission.

  5. #5
    Member of Team Spybot tashi's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    30,465

    Default

    Microsoft MVP Reconnect 2018-
    Windows Insider MVP 2016-2018
    Microsoft Consumer Security MVP 2006-2016

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •