Results 1 to 3 of 3

Thread: I Got Results Suggesting A Possible Problem + A Few in Deep Scan

  1. #1
    Junior Member
    Join Date
    May 2013
    Posts
    2

    Default I Got Results Suggesting A Possible Problem + A Few in Deep Scan

    Hello these are my first results. I was prompted to do a deeper scan and it then found two more things but I don't understand them. If anyone can tell me if I'm OK or need to take further action this would be good!

    Quickscan Results

    RootAlyzer Quick Scan Results

    Files in Windows folder
    ----------------------------------------
    1 hidden out of 87 files were detected.
    Hidden files: version
    C:\Windows\version
    ========================================

    Files in System folder
    ----------------------------------------
    2408 files were tested.
    No hidden files detected.
    ========================================

    Global run entries
    ----------------------------------------

    No hidden entries detected.
    ========================================

    Winlogon entries
    ----------------------------------------

    No hidden entries detected.
    ========================================

    Invisible processes (from handles)
    ----------------------------------------
    0 handle process IDs for 45 processes.
    No hidden processes detected.
    ========================================

    Invisible processes (from threads)
    ----------------------------------------
    45 processes tested.
    No hidden processes detected.
    ========================================

    Master Boot Records
    ----------------------------------------
    1 MBRs checked.
    No unknown MBRs detected.
    ========================================


    Deep Scan Results

    :: RootAlyzer Results
    File:"Hidden file","C:\Windows\version"
    RegyValue:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Applets\SysTray\BattMeter\","Flyout"
    RegyValue:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\Wow6432Node\Microsoft\Security Center\","Svc"

  2. #2
    Senior Member
    Join Date
    Oct 2005
    Location
    Germany
    Posts
    5,263

    Default

    Hello,

    That does not look malicious.

    Malware sometimes uses rootkit technology to hide itself at system level.
    This makes it undetectable by standard tools. Our plugins help Spybot Search & Destroy to detect this form of malware.
    Our Rootkit Scanner tool shows anything that uses certain rootkit technologies. But items with rootkit properties detected here are not necessarily malware. Sometimes, legit software uses rootkit technologies to hide registration data or other things it does not want the user to see in any case. So please keep in mind that the Rootkit Scanner only flags suspicious stuff, not identifying just bad stuff.

    The deletion is final and can not be recovered through the Quarantine.
    If you still want to remove the found items it is strongly recommend to create a system restore point before doing that.

    Best regards
    Sandra
    Team Spybot

  3. #3
    Junior Member
    Join Date
    May 2013
    Posts
    2

    Default

    Thank you spybotsandra. I have performed the removal aftercreating the restore point. Afterwards I also ran another rootkit scanner and everything was clear!

    Thanks for the explanation,

    /ctrl.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •