Thread: Not sure if I have rootkits or not

  1. #1
    Junior Member
    Join Date
    Mar 2013
    Posts
    2

    Not sure if I have rootkits or not

    Hello, I've just done my first rootkit scan in Spybot and it's flagged some results. I have a feeling they're false positives but I'm not sure.

    Can anyone advise?

    // info: Rootkit removal help file
    // copyright: (c) 2008-2013 Safer-Networking Ltd. All rights reserved.

    :: RootAlyzer Results
    File:"Unknown ADS","C:\Users\All Users\sdpsenv.dat:naughtypirates:$DATA"
    File:"Unknown ADS","C:\Users\All Users\TEMP:B0D4D817:$DATA"
    File:"Unknown ADS","C:\Users\All Users\GPSoftware\Directory Opus\dopus.cert:naughtypirates:$DATA"
    File:"Unknown ADS","C:\ProgramData\sdpsenv.dat:naughtypirates:$DATA"
    File:"Unknown ADS","C:\ProgramData\GPSoftware\Directory Opus\dopus.cert:naughtypirates:$DATA"
    RegyValue:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Applets\SysTray\BattMeter\","Flyout"
    RegyValue:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\Wow6432Node\Microsoft\Security Center\","Svc"

    I use Directory Opus which might explain some of them - unless of course it's something else pretending to be Directory Opus.

    How can I investigate each item to see what it does, where it came from, and what to do with it?

    Thanks

  2. #2
    Senior Member
    Join Date
    Oct 2005
    Location
    Germany
    Posts
    5,263

    Hello,

    Those do not seem to be rootkits.
    Some belong to Directory Opus, which you use, some belong to Microsoft and one is a temp file.

    Best regards
    Sandra
    Team Spybot

  3. #3
    Junior Member
    Join Date
    Mar 2013
    Posts
    2

    Originally posted by spybotsandra:
    Hello,

    Those do not seem to be rootkits.
    Some belong to Directory Opus, which you use, some belong to Microsoft and one is a temp file.

    Best regards
    Sandra
    Team Spybot

    Thank you. The Directory Opus people have confirmed that they're genuine Directory Opus files, so I'm happy my PC's clean.
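
An added example, not part of the original thread and not Spybot code: a small parser for the RootAlyzer result lines in post #1 that splits each `path:stream:$DATA` entry and merges hits reported under both `C:\Users\All Users` and `C:\ProgramData`. The function names are hypothetical, and treating the first path as a link to the second assumes a default Windows Vista-or-later layout.

```python
import csv
import ntpath

# Constructed sample: the result lines quoted in post #1.
SAMPLE = r'''
// info: Rootkit removal help file
:: RootAlyzer Results
File:"Unknown ADS","C:\Users\All Users\sdpsenv.dat:naughtypirates:$DATA"
File:"Unknown ADS","C:\Users\All Users\TEMP:B0D4D817:$DATA"
File:"Unknown ADS","C:\Users\All Users\GPSoftware\Directory Opus\dopus.cert:naughtypirates:$DATA"
File:"Unknown ADS","C:\ProgramData\sdpsenv.dat:naughtypirates:$DATA"
File:"Unknown ADS","C:\ProgramData\GPSoftware\Directory Opus\dopus.cert:naughtypirates:$DATA"
RegyValue:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Applets\SysTray\BattMeter\","Flyout"
RegyValue:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\Wow6432Node\Microsoft\Security Center\","Svc"
'''
# Assumption: default Vista-or-later layout, where this path links to C:\ProgramData.
ALIASES = {r"c:\users\all users": r"C:\ProgramData"}

def split_ads(spec):
    """Split 'path:stream:$TYPE' into its parts, leaving the drive-letter colon alone."""
    drive, rest = ntpath.splitdrive(spec)
    parts = rest.split(":")
    stream = parts[1] if len(parts) > 1 else ""
    return drive + parts[0], stream, parts[2] if len(parts) > 2 else "$DATA"

def canonical(path):
    """Rewrite a known alias prefix so both names of one file compare equal."""
    for alias, target in ALIASES.items():
        if path.lower() == alias or path.lower().startswith(alias + "\\"):
            return target + path[len(alias):]
    return path

def triage(text):
    """Return an ordered {finding: hit count} map with aliased duplicates merged."""
    seen = {}
    for line in (l.strip() for l in text.splitlines()):
        if not line or line.startswith(("//", "::")):
            continue  # header and comment lines of the report
        kind, _, rest = line.partition(":")
        fields = next(csv.reader([rest]))  # quoted, comma-separated fields
        if kind == "File":
            path, stream, stype = split_ads(fields[1])
            key = ("ads", canonical(path), stream, stype)
        elif kind == "RegyValue":
            key = ("registry", fields[1] + fields[2].rstrip("\\"), fields[3], fields[0])
        else:
            key = ("other", line, "", "")
        seen[key] = seen.get(key, 0) + 1
    return seen
```

On the quoted results, `triage(SAMPLE)` reduces seven hits to five distinct objects to check, each of which can then be traced to its owning product, as the poster did with the Directory Opus files.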
