Results 1 to 4 of 4

Thread: 3 rootkits are always detected.

  1. #1
    Junior Member
    Join Date
    Jun 2014
    Posts
    2

    Default 3 rootkits are always detected.

    These rootkits are detected in each scan. This 3 rootkits are detected again by switching windows. Whether these are in fact rootkits or are misidentified?

    I went to the address but I could not delete these files manually.Error Message: Error Deleting Values unable to delete all specified values.
    What should I do?

    I actually cleared via software but not deleted. Nothing was repaired.At Description has been written.
    Every time they moved to the quarantine. Delete these files anywhere is useless.


    Type: Key
    Object: 8
    Location: HKLM\SYSTEM\CurrentControlSet\Control\Nsi\{eb004a11-9b1a-11d4-9123-0050047759bc}\
    Details: No admin in ACL

    Type: Key
    Object: 8
    Location: HKLM\SYSTEM\ControlSet001\Control\Nsi\{eb004a11-9b1a-11d4-9123-0050047759bc}\
    Details: No admin in ACL

    Type: Key
    Object: Svc
    Location: HKLM\SOFTWARE\Wow6432Node\Microsoft\Security Center\
    Details: No admin in ACL

    I Have Winows 8 Enterprise.

    Spybot 2.1.19

  2. #2
    Member of Team Spybot tashi's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    30,955

    Default

    Hello mas12A,

    You can ignore those. In general all items found by the RootAlyzer are not necessarily malicious but shows items it believes to be out of the ordinary and may give a hint for an infection.

    Sometimes legitimate software uses rootkit technologies too. How is the computer running?

    Best regards.
    Microsoft MVP Reconnect 2018-
    Windows Insider MVP 2016-2018
    Microsoft Consumer Security MVP 2006-2016

  3. #3
    Junior Member
    Join Date
    Jun 2014
    Posts
    2

    Default

    Quote Originally Posted by tashi View Post
    Hello mas12A,

    You can ignore those. In general all items found by the RootAlyzer are not necessarily malicious but shows items it believes to be out of the ordinary and may give a hint for an infection.

    Sometimes legitimate software uses rootkit technologies too. How is the computer running?

    Best regards.
    Sorry for the late reply you gave.

    1)Computer speed is not a significant change. Well as the speed of computer loading. At Least I did not feel anything special. Except that once displayed the blue screen of death. Details of the blue screen of death is not available. Because The full details including Windows log files And Anything else have been erased with software ccleaner.

    2)How do I Understand that legitimate Software use of rootkit technologies? Can I Understand?
    3) What is the best thing to do right now?

    I change the windows And clean up my C drive. Why are these rootkits were detected again? may have come through the other drives? Is it possible to influence the other drives? I can not format the others drives because I need to their information.

    Thank you.

  4. #4
    Member of Team Spybot tashi's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    30,955

    Default

    Hello mas12A,

    Quote Originally Posted by mas12A View Post
    3) What is the best thing to do right now?
    Quote Originally Posted by tashi View Post
    You can ignore those.
    They are not rootkits.


    Quote Originally Posted by mas12A View Post
    2)How do I Understand that legitimate Software use of rootkit technologies? Can I Understand?
    See Rootkits

    Edit

    Quote Originally Posted by mas12A View Post
    I Have Winows 8 Enterprise.
    Is this a Corporate Business machine? http://www.microsoft.com/en-us/windo...e-edition.aspx

    Quote Originally Posted by mas12A View Post
    Spybot 2.1.19
    2.1 is an old version. http://www.safer-networking.org/shop/

    Best regards.
    Microsoft MVP Reconnect 2018-
    Windows Insider MVP 2016-2018
    Microsoft Consumer Security MVP 2006-2016

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •