root kit scan
Thread Starter
Join Date: Jan 2009
Location: England that central part of Britian between Ecosse and Occupied France
Posts: 131
Likes: 0
Received 0 Likes
on
0 Posts
root kit scan
HI, can help with the below found with a sky-bot root kit scan are the malware or just hidden files::
Type: Key
Object: Flyout
Location: HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\A pplets\SysTray\BattMeter\
Details: No admin in ACL
Type: Key
Object: Svc
Location: HKLM\SOFTWARE\Wow6432Node\Microsoft\Security Center\
Details: No admin in ACL
Type: Folder
Object: SrtETmp
Location: C:\Users\All Users\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\SRTSP\
Details: No admin in ACL
Type: Folder
Object: SrtETmp
Location: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\SRTSP\
Details: No admin in ACL
Type: Key
Object: Flyout
Location: HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\A pplets\SysTray\BattMeter\
Details: No admin in ACL
Type: Key
Object: Svc
Location: HKLM\SOFTWARE\Wow6432Node\Microsoft\Security Center\
Details: No admin in ACL
Type: Folder
Object: SrtETmp
Location: C:\Users\All Users\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\SRTSP\
Details: No admin in ACL
Type: Folder
Object: SrtETmp
Location: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\SRTSP\
Details: No admin in ACL
You mean "Spybot" rather than sky-bot, I think?
Last time I looked, the rootkit scanner was a beta. Shouldn't really be used, unless you know what you're doing, if that's the case.
ADS processes found using a rootkit scanner are not necessarily rootkits. When they're flagged, it means it might be suspicious, or it might not.
In this case, it would appear to be part of the process of Norton - which I presume is your antivirus - and probably harmless. And if Norton is not your antivirus, I strongly recommend you remove it.
That said, I'd install, update, and run a scan with MBAM, for a second opinion. It's a very good scanner. There is a free version.
Last time I looked, the rootkit scanner was a beta. Shouldn't really be used, unless you know what you're doing, if that's the case.
ADS processes found using a rootkit scanner are not necessarily rootkits. When they're flagged, it means it might be suspicious, or it might not.
In this case, it would appear to be part of the process of Norton - which I presume is your antivirus - and probably harmless. And if Norton is not your antivirus, I strongly recommend you remove it.
That said, I'd install, update, and run a scan with MBAM, for a second opinion. It's a very good scanner. There is a free version.
More bang for your buck
Join Date: Nov 2005
Location: land of the clanger
Age: 82
Posts: 3,512
Likes: 0
Received 0 Likes
on
0 Posts
WoW64 (Windows 32-bit on Windows 64-bit) is a subsystem of the Windows operating system that is capable of running 32-bit applications and is included on all 64-bit versions of Windows.
Join Date: Jan 2012
Location: .
Posts: 2,173
Likes: 0
Received 0 Likes
on
0 Posts
if you want to check for rootkits use Kasperky's TDSSKiller
Anti-rootkit utility TDSSKiller
Not a bad idea to follow that up with Hitman Pro afterwards
Run both in SAFE mode
Anti-rootkit utility TDSSKiller
Not a bad idea to follow that up with Hitman Pro afterwards
Run both in SAFE mode
Thread Starter
Join Date: Jan 2009
Location: England that central part of Britian between Ecosse and Occupied France
Posts: 131
Likes: 0
Received 0 Likes
on
0 Posts
thanks guys ,second opinion ,a good idea,already ran malware bytes, all looks well.sky(spy) bot,ok. aviator Frued slip up, or poor humor,and ran the tdss killer .not tks (anti ice)
Last edited by much2much; 21st Sep 2012 at 18:11.