PDA

View Full Version : Access violation at address xxxx in module 'SDRootAlyyzer.exe'



eastwoodjon
2015-08-30, 16:58
Just installed afresh copy of the software

ran the rootkit scan

it found root kits

if i try to delete ANY file its found

I get the following error:

12326

any idea splease as really need to get this cleaned up?

tashi
2015-08-31, 22:29
Hello eastwoodjon, :welcome:

Did you elevate permissions in Spybot?

http://forums.spybot.info/showthread.php?55946-How-can-I-get-administrator-rights

(http://forums.spybot.info/showthread.php?55946-How-can-I-get-administrator-rights)
Just installed afresh copy of the software

ran the rootkit scan

it found root kits

Could you provide the log showing the items flagged please.

In general all items flagged by the RootAlyzer are not necessarily malicious but show files it believes to be out of the ordinary and may give a hint for an infection.

Even legitimate software may use rootkit technologies.

Best regards.

eastwoodjon
2015-08-31, 23:22
its running as admin and still same issue

sample file found


aboutus.html.asp
winners.htmlsp
zincyr.a
aspnet_clientasp
\zinc\www.udxpress.com-id-url.txtd-url.txtm-id-url.txt
\error.loguel.asp
\zinc
\zinc\www.udxpress.com-id-url.txtd-url.txtm-id-url.txt

tashi
2015-08-31, 23:28
Hi eastwoodjon,

Could you produce the log as shown in other topics in this forum please.

Examples:

https://forums.spybot.info/showthread.php?72519-are-the-Rook-kit-scan-results-of-my-system-malwares

https://forums.spybot.info/showthread.php?72480-Are-these-bad

Best regards.

eastwoodjon
2015-09-01, 01:14
// info: Rootkit removal help file
// copyright: (c) 2008-2015 Safer-Networking Ltd. All rights reserved.

:: RootAlyzer Results
File:"Invisible to Win32","D:\aboutus.html.asp"

lots of .asp file and lots of .txt file all like above

the issue is not the files as the software finds them it just wont delete them

tashi
2015-09-01, 02:40
Hello eastwoodjon,

I think it would be best if someone takes a look at the system to see if there is a problem. :)

First see that forum's FAQ which also includes instructions in post #2 on how to provide the logs from Farbar Recovery Scan Tool and aswMBR, which are the logs used in the preliminary analysis.

http://forums.spybot.info/showthread.php?t=288

Best regards.