How to remove rootkits?

**Rastreador** · 2013-11-28, 20:38

The spybot found rootkits below and do not know which ones are dangerous and I delete.
Please help me. Thank you.

// info: Rootkit removal help file
// copyright: (c) 2008-2013 Safer-Networking Ltd. All rights reserved.

:: RootAlyzer Results
File:"Unknown ADS","C:\Windows\PLA\System\System Diagnostics.xml:0v1ieca3Feahez0jAwxjjk5uRh:$DATA"
File:"Unknown ADS","C:\Windows\Cursors\arrow_n.cur:NEDTA.DAT:$DATA"
File:"No admin in ACL","C:\ProgramData\NVIDIA\Updatus\nvtmru"
File:"No admin in ACL","C:\ProgramData\Nero\Nero 10\OnlineServices"
File:"No admin in ACL","C:\ProgramData\Nero\Nero 10\OnlineServices\cabundle.crt"
File:"No admin in ACL","C:\ProgramData\Nero\Nero 10\OnlineServices\controldata.bin"
File:"No admin in ACL","C:\ProgramData\Nero\Nero 10\OnlineServices\MetaData"
File:"No admin in ACL","C:\ProgramData\Nero\Nero 10\OnlineServices\NOSWebConfig"
File:"No admin in ACL","C:\ProgramData\Nero\Nero 10\OnlineServices\usagestatdata.bin"
File:"No admin in ACL","C:\ProgramData\Nero\Nero 10\OnlineServices\NOSWebConfig\config.xml"
File:"No admin in ACL","C:\ProgramData\Nero\Nero 10\OnlineServices\NOSWebConfig\Facebook"
File:"No admin in ACL","C:\ProgramData\Nero\Nero 10\OnlineServices\NOSWebConfig\Flickr"
File:"No admin in ACL","C:\ProgramData\Nero\Nero 10\OnlineServices\NOSWebConfig\MyNero"
File:"No admin in ACL","C:\ProgramData\Nero\Nero 10\OnlineServices\NOSWebConfig\MySpace"
File:"No admin in ACL","C:\ProgramData\Nero\Nero 10\OnlineServices\NOSWebConfig\YouTube"
File:"No admin in ACL","C:\ProgramData\Nero\Nero 10\OnlineServices\NOSWebConfig\YouTube\browseVideoItem.xslt"
File:"No admin in ACL","C:\ProgramData\Nero\Nero 10\OnlineServices\NOSWebConfig\YouTube\config.xml"
File:"No admin in ACL","C:\ProgramData\Nero\Nero 10\OnlineServices\NOSWebConfig\YouTube\createLocalReferer.xslt"
File:"No admin in ACL","C:\ProgramData\Nero\Nero 10\OnlineServices\NOSWebConfig\YouTube\featuredList.xslt"
File:"No admin in ACL","C:\ProgramData\Nero\Nero 10\OnlineServices\NOSWebConfig\YouTube\getUserNameResponse.xslt"
File:"No admin in ACL","C:\ProgramData\Nero\Nero 10\OnlineServices\NOSWebConfig\YouTube\itemDetails.xslt"
File:"No admin in ACL","C:\ProgramData\Nero\Nero 10\OnlineServices\NOSWebConfig\YouTube\loginResponse.xslt"
File:"No admin in ACL","C:\ProgramData\Nero\Nero 10\OnlineServices\NOSWebConfig\YouTube\logoutResponse.xslt"
File:"No admin in ACL","C:\ProgramData\Nero\Nero 10\OnlineServices\NOSWebConfig\YouTube\myVideoItem.xslt"
File:"No admin in ACL","C:\ProgramData\Nero\Nero 10\OnlineServices\NOSWebConfig\YouTube\searchList.xslt"
File:"No admin in ACL","C:\ProgramData\Nero\Nero 10\OnlineServices\NOSWebConfig\YouTube\streamUrl.xslt"
File:"No admin in ACL","C:\ProgramData\Nero\Nero 10\OnlineServices\NOSWebConfig\YouTube\translateUrl.xslt"
File:"No admin in ACL","C:\ProgramData\Nero\Nero 10\OnlineServices\NOSWebConfig\YouTube\uploadResonse.xslt"
File:"No admin in ACL","C:\ProgramData\Nero\Nero 10\OnlineServices\NOSWebConfig\MySpace\config.xml"
File:"No admin in ACL","C:\ProgramData\Nero\Nero 10\OnlineServices\NOSWebConfig\MySpace\getEntity.xslt"
File:"No admin in ACL","C:\ProgramData\Nero\Nero 10\OnlineServices\NOSWebConfig\MySpace\getMyToken.xslt"
File:"No admin in ACL","C:\ProgramData\Nero\Nero 10\OnlineServices\NOSWebConfig\MySpace\getUserNameResponse.xslt"
File:"No admin in ACL","C:\ProgramData\Nero\Nero 10\OnlineServices\NOSWebConfig\MySpace\itemDetails.xslt"
File:"No admin in ACL","C:\ProgramData\Nero\Nero 10\OnlineServices\NOSWebConfig\MySpace\itemList.xslt"
File:"No admin in ACL","C:\ProgramData\Nero\Nero 10\OnlineServices\NOSWebConfig\MySpace\loginResponse.xslt"
File:"No admin in ACL","C:\ProgramData\Nero\Nero 10\OnlineServices\NOSWebConfig\MySpace\logoutResponse.xslt"
File:"No admin in ACL","C:\ProgramData\Nero\Nero 10\OnlineServices\NOSWebConfig\MySpace\streamUrl.xslt"
File:"No admin in ACL","C:\ProgramData\Nero\Nero 10\OnlineServices\NOSWebConfig\MySpace\translateUrl.xslt"
File:"No admin in ACL","C:\ProgramData\Nero\Nero 10\OnlineServices\NOSWebConfig\MySpace\uploadError.xml"
File:"No admin in ACL","C:\ProgramData\Nero\Nero 10\OnlineServices\NOSWebConfig\MySpace\uploadResponse.xml"
File:"No admin in ACL","C:\ProgramData\Nero\Nero 10\OnlineServices\NOSWebConfig\MySpace\uploadResponse.xslt"
File:"No admin in ACL","C:\ProgramData\Nero\Nero 10\OnlineServices\NOSWebConfig\MyNero\config.xml"
File:"No admin in ACL","C:\ProgramData\Nero\Nero 10\OnlineServices\NOSWebConfig\MyNero\getUploadUris.xslt"
File:"No admin in ACL","C:\ProgramData\Nero\Nero 10\OnlineServices\NOSWebConfig\MyNero\getUserNameResponse.xslt"
File:"No admin in ACL","C:\ProgramData\Nero\Nero 10\OnlineServices\NOSWebConfig\MyNero\itemDetailsList.xslt"
File:"No admin in ACL","C:\ProgramData\Nero\Nero 10\OnlineServices\NOSWebConfig\MyNero\loginRequest.xslt"
File:"No admin in ACL","C:\ProgramData\Nero\Nero 10\OnlineServices\NOSWebConfig\MyNero\loginResponse.xslt"
File:"No admin in ACL","C:\ProgramData\Nero\Nero 10\OnlineServices\NOSWebConfig\MyNero\logoutResponse.xslt"
File:"No admin in ACL","C:\ProgramData\Nero\Nero 10\OnlineServices\NOSWebConfig\MyNero\rssItemDetailsList.xslt"
File:"No admin in ACL","C:\ProgramData\Nero\Nero 10\OnlineServices\NOSWebConfig\MyNero\searchRequest.xslt"
File:"No admin in ACL","C:\ProgramData\Nero\Nero 10\OnlineServices\NOSWebConfig\MyNero\uploadRequest.xslt"
File:"No admin in ACL","C:\ProgramData\Nero\Nero 10\OnlineServices\NOSWebConfig\MyNero\uploadResponse.xslt"
File:"No admin in ACL","C:\ProgramData\Nero\Nero 10\OnlineServices\NOSWebConfig\Flickr\config.xml"
File:"No admin in ACL","C:\ProgramData\Nero\Nero 10\OnlineServices\NOSWebConfig\Facebook\config.xml"
File:"No admin in ACL","C:\ProgramData\Nero\Nero 10\OnlineServices\MetaData\cddbplm.gcf"
File:"No admin in ACL","C:\ProgramData\Nero\Nero 10\OnlineServices\MetaData\elists.db"
File:"No admin in ACL","C:\ProgramData\Microsoft\OFFICE\DATA"
File:"Unknown ADS","C:\ProgramData\CyberLink\CLDShowX.ini:Update.CL:$DATA"
File:"Unknown ADS","C:\PerfLogs\System\Diagnostics\DERMEVAL-PC_20130731-000007\report.xml:Qgrg2rf1Znaluncm1kfl1xla5h:$DATA"
File:"Unknown ADS","C:\PerfLogs\System\Diagnostics\DERMEVAL-PC_20130731-000006\report.xml:Qgrg2rf1Znaluncm1kfl1xla5h:$DATA"
File:"Unknown ADS","C:\PerfLogs\System\Diagnostics\DERMEVAL-PC_20130731-000005\report.xml:Qgrg2rf1Znaluncm1kfl1xla5h:$DATA"
File:"Unknown ADS","C:\PerfLogs\System\Diagnostics\DERMEVAL-PC_20130326-000004\report.xml:Qgrg2rf1Znaluncm1kfl1xla5h:$DATA"
File:"Unknown ADS","C:\PerfLogs\System\Diagnostics\DERMEVAL-PC_20130326-000003\report.xml:Qgrg2rf1Znaluncm1kfl1xla5h:$DATA"
File:"Unknown ADS","C:\PerfLogs\System\Diagnostics\DERMEVAL-PC_20130326-000002\report.xml:Qgrg2rf1Znaluncm1kfl1xla5h:$DATA"
File:"Unknown ADS","C:\PerfLogs\System\Diagnostics\DERMEVAL-PC_20130326-000001\report.xml:Qgrg2rf1Znaluncm1kfl1xla5h:$DATA"

**tashi** · 2013-12-02, 05:24

Hello Rastreador,

In general all items found by the RootAlyzer are not necessarily malicious. The items flagged belong to Nero, your DVD and Windows.

Sometimes legitimate software uses rootkit technologies to hide registration data and such.

The RootAlyzer shows items which it believes to be out of the ordinary and may give a hint for an infection.The RootAlyzer is an analyst tool, it is not a scan and fix tool like the System or File Scan.

Best regards.

Thread: How to remove rootkits?

Thread Tools

Display

How to remove rootkits?

Tags for this Thread

Posting Permissions