I have reg entries for sweetIm no toolbar or exe. No page change on home page.Where would I have got it i did not download an Im or anything like that.Is this FP? I read your site it said it could be rootkit. How do I check for rootkit
I have reg entries for sweetIm no toolbar or exe. No page change on home page.Where would I have got it i did not download an Im or anything like that.Is this FP? I read your site it said it could be rootkit. How do I check for rootkit
The registry entries shown in your screen shot are from SweetIM it is not a FP.
This is exactly one of the reasons why SweetIM gets detected, because it installs without you knowing about it.
It could have come as a bundle with other software without noticing you properly about it.
Spybot S&D does automatically check for known rootkits, however if you want to do a seperate scan for rootkits that can detect other rootkits methods being used you can try our RootAlyzer or other rootkit detection tools like GMER
Editing posts in our forums is possible only for a limited time after the post has been posted.
Thanks. Does that mean i may have an exe file. Is there any way to tell the date it was installed
Unknown ADS and NO admin in ACL is what i get from a deep root scan with RootAnalyzer?
here is an quick scan with RootAlyzer
Gmer causes a BSOD
From the scan with RootAlyzerI am unable to open the system in the above reg entry, says file cannot be found. I deleted the entries shown in my Op screenshot, is that whyRegyKey:"Zero char in key name","HKEY_LOCAL_MACHINE","\SOFTWARE\Microsoft\Windows\CurrentVersion\","System\0"
// Attention: entries with a zero character will not be displayed correctly and may not work!
Rootkit Buster says I am clean