Thread: Rootkit analysis help

  1. #1
    Junior Member
    Join Date
    Aug 2015
    Posts
    3

    Rootkit analysis help

    Thanks in advance for the help.

    I ran a rootkit analysis of my Win 7 laptop and came up with these results (please see the attached image). It seems to me (and my intelligent friend Google) that most are fine. The only one I could not decipher is the biost! s entry. My computer is on the old side, but the performance has started to drag. Would someone please advise?

    Matt

  2. #2
    tashi (Member of Team Spybot)
    Join Date
    Oct 2005
    Location
    USA
    Posts
    30,492

    Hello mweimer22,

    They appear to be fine, but could you copy and paste the results into this thread so I can see the file path, please?

    Best regards.
    Microsoft MVP Reconnect 2018-
    Windows Insider MVP 2016-2018
    Microsoft Consumer Security MVP 2006-2016

  3. #3
    Junior Member
    Join Date
    Aug 2015
    Posts
    3

    As requested:

    // info: Rootkit removal help file
    // copyright: (c) 2008-2015 Safer-Networking Ltd. All rights reserved.

    :: RootAlyzer Results
    File:"Invisible to Win32","C:\biost! s"
    File:"Invisible to Win32","C:\Windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_11.2.9600.17963_none_f5688b04375c1ad5"
    File:"No admin in ACL","C:\ProgramData\Real\setup\config.ini"
    RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Applets\SysTray\BattMeter","Flyout"
    RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\Wow6432Node\Microsoft\Security Center","Svc"


    Thanks for the prompt response,
    Matt
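
The result lines pasted above can be parsed into records so that each finding type is listed with its full path, which is what the helper asked to see. This is an added example, not part of the original thread or of Spybot's own tooling; the field layout is inferred only from the five pasted lines, and the names parse_results, group_by_reason, target and leaf are hypothetical.

```python
import csv
from collections import defaultdict

# Constructed sample: the RootAlyzer lines pasted in post #3 of this thread.
SAMPLE = r'''// info: Rootkit removal help file
// copyright: (c) 2008-2015 Safer-Networking Ltd. All rights reserved.

:: RootAlyzer Results
File:"Invisible to Win32","C:\biost! s"
File:"Invisible to Win32","C:\Windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_11.2.9600.17963_none_f5688b04375c1ad5"
File:"No admin in ACL","C:\ProgramData\Real\setup\config.ini"
RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Applets\SysTray\BattMeter","Flyout"
RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\Wow6432Node\Microsoft\Security Center","Svc"
'''

def parse_results(text):
    """Turn RootAlyzer result lines into dicts; skip comments and headers."""
    findings = []
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith(("//", "::")):
            continue
        # Split on the first colon only: paths such as C:\... contain more.
        kind, sep, rest = line.partition(":")
        if not sep or not rest.startswith('"'):
            continue  # not a result line
        fields = next(csv.reader([rest]))  # quoted, comma-separated fields
        if len(fields) < 2:
            continue
        reason, parts = fields[0], fields[1:]
        if kind == "File":
            target, leaf = parts[0], None
        else:
            # Assumption: registry lines are hive, key path, then a final name.
            target = "".join(parts[:2])
            leaf = parts[2] if len(parts) > 2 else None
        findings.append({"kind": kind, "reason": reason,
                         "target": target, "leaf": leaf})
    return findings

def group_by_reason(findings):
    """Map each finding type to the full paths it was reported for."""
    grouped = defaultdict(list)
    for f in findings:
        grouped[f["reason"]].append(f["target"])
    return dict(grouped)

if __name__ == "__main__":
    print(group_by_reason(parse_results(SAMPLE)))
```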

  4. #4
    tashi (Member of Team Spybot)
    Join Date
    Oct 2005
    Location
    USA
    Posts
    30,492

    Hi mweimer22,

    biost! s may be a file description that is pertinent to the detectives coding detections.

    Aside from the slowness in your laptop, have you noticed any other issues? Was there a particular reason for running a rootkit scan?

    A rootkit is cut from a different cloth than most malware infections; the RootAlyzer shows items which it believes to be out of the ordinary and may give a hint for an infection.

    But in general these are not necessarily malicious; even legitimate software may use rootkit technologies.

    Best regards.
    Microsoft MVP Reconnect 2018-
    Windows Insider MVP 2016-2018
    Microsoft Consumer Security MVP 2006-2016

  5. #5
    Junior Member
    Join Date
    Aug 2015
    Posts
    3

    Thanks again Tashi,

    No other problems; I am most likely being paranoid. If anything else comes up I will post further.

    Matt

  6. #6
    tashi (Member of Team Spybot)
    Join Date
    Oct 2005
    Location
    USA
    Posts
    30,492

    Sounds good.
    Microsoft MVP Reconnect 2018-
    Windows Insider MVP 2016-2018
    Microsoft Consumer Security MVP 2006-2016
