root kit scan
Thread Starter
Joined: Jan 2009
Posts: 131
Likes: 0
From: England that central part of Britian between Ecosse and Occupied France
root kit scan
HI, can help with the below found with a sky-bot root kit scan are the malware or just hidden files::
Type: Key
Object: Flyout
Location: HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\A pplets\SysTray\BattMeter\
Details: No admin in ACL
Type: Key
Object: Svc
Location: HKLM\SOFTWARE\Wow6432Node\Microsoft\Security Center\
Details: No admin in ACL
Type: Folder
Object: SrtETmp
Location: C:\Users\All Users\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\SRTSP\
Details: No admin in ACL
Type: Folder
Object: SrtETmp
Location: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\SRTSP\
Details: No admin in ACL
Type: Key
Object: Flyout
Location: HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\A pplets\SysTray\BattMeter\
Details: No admin in ACL
Type: Key
Object: Svc
Location: HKLM\SOFTWARE\Wow6432Node\Microsoft\Security Center\
Details: No admin in ACL
Type: Folder
Object: SrtETmp
Location: C:\Users\All Users\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\SRTSP\
Details: No admin in ACL
Type: Folder
Object: SrtETmp
Location: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\SRTSP\
Details: No admin in ACL
Joined: Dec 2005
Posts: 1,694
Likes: 15
From: Wellington,NZ
You mean "Spybot" rather than sky-bot, I think?
Last time I looked, the rootkit scanner was a beta. Shouldn't really be used, unless you know what you're doing, if that's the case.
ADS processes found using a rootkit scanner are not necessarily rootkits. When they're flagged, it means it might be suspicious, or it might not.
In this case, it would appear to be part of the process of Norton - which I presume is your antivirus - and probably harmless. And if Norton is not your antivirus, I strongly recommend you remove it.
That said, I'd install, update, and run a scan with MBAM, for a second opinion. It's a very good scanner. There is a free version.
Last time I looked, the rootkit scanner was a beta. Shouldn't really be used, unless you know what you're doing, if that's the case.
ADS processes found using a rootkit scanner are not necessarily rootkits. When they're flagged, it means it might be suspicious, or it might not.
In this case, it would appear to be part of the process of Norton - which I presume is your antivirus - and probably harmless. And if Norton is not your antivirus, I strongly recommend you remove it.
That said, I'd install, update, and run a scan with MBAM, for a second opinion. It's a very good scanner. There is a free version.
More bang for your buck
Joined: Nov 2005
Posts: 3,513
Likes: 1
From: land of the clanger
WoW64 (Windows 32-bit on Windows 64-bit) is a subsystem of the Windows operating system that is capable of running 32-bit applications and is included on all 64-bit versions of Windows.
Joined: Jan 2012
Posts: 2,173
Likes: 0
From: .
if you want to check for rootkits use Kasperky's TDSSKiller
Anti-rootkit utility TDSSKiller
Not a bad idea to follow that up with Hitman Pro afterwards
Run both in SAFE mode
Anti-rootkit utility TDSSKiller
Not a bad idea to follow that up with Hitman Pro afterwards
Run both in SAFE mode
Thread Starter
Joined: Jan 2009
Posts: 131
Likes: 0
From: England that central part of Britian between Ecosse and Occupied France
thanks guys ,second opinion ,a good idea,already ran malware bytes, all looks well.sky(spy) bot,ok. aviator Frued slip up, or poor humor,
and ran the tdss killer .not tks (anti ice)
and ran the tdss killer .not tks (anti ice)
Last edited by much2much; 21st September 2012 at 18:11.
