View Full Version : RootAlyzer Results, Unsure.

2013-10-09, 01:34
Hello, First time posting here. (Also forgive me, I am not too sure about computers and such, only basic knowledge and such so if anyone gives me specific instructions do please put it as simple as possible)

My computer has recently been infected with "Somoton.BetterInstaller", as I had found out through Spybot Search and Destroy, It had 8 Entries and Managed to get rid of 6, two were left over.

[Picture of SpyBot Results] (Ignore the silly names of the files, I see no reason to think of a proper name for a .jpg of a screenshot I did for a Forum Question.)

"Some problems couldn't be fixed; the reason could be that associated files are still in use (in memory). this could be fixed after a restart. May Spybot-S&&D run on your next system start up" (I have yet to restart my computer, I wanted to see if I could manually fix this first)

Was the warning it gave me, I came on here and looked for a solution, This (http://forums.spybot.info/showthread.php?68854-Manual-Removal-Guide-for-Somoto-BetterInstaller) was what I found, and I managed to only delete the ones I found, some of them seemed to had gone since I reviously deleted an odd 'FilesFrog' folder I found.

It suggested I get the Root Analyzer, so I did and did a Deep Scan, Resulting in this:

[Picture of 'RootAlyzer' Results] (Again, Ignore the silly names of the files, I see no reason to think of a proper name for a .jpg of a screenshot I did for a Forum Question.)

I know it's NVIDIA but still I'm just worried that the 'Somoto' thing might have something to do with it, it says to be on the look out for Yellow warning signs, but all I got were red dots, I assume the red dots are the signs, red being even worse than yellow.

It is probably nothing but I thought I might come here and ask anyway, just to be safe. Also to see if anyone had anymore advice on how to get rid of that darn 'Somoto' thing.

Thanks in Advance.

2013-10-09, 06:36
Hello NathanielWatson,

The Rootkit Scanner tool shows anything that uses certain rootkit technologies, but items with rootkit properties are not necessarily malware.

NVIDIA Updatus appears to be the NVIDIA Update Service.

How is the computer running in general? If you'd like someone to take a look at the system you can start a topic in the Malware Removal Forum (http://forums.spybot.info/forumdisplay.php?f=22) and a volunteer analyst will advise when available. :)

If you do please see that forum's FAQ which also includes instructions in post #2 on how to provide DDS and aswMBR logs, which are used in the preliminary analysis.

Best regards.