Rootkit Revealer

Thread: Rootkit Revealer

  1. #1
    Join Date
    Jun 2002
    Location
    Port St Lucie, FL
    Posts
    360

    Rootkit Revealer

    I downloaded Rootkit Revealer software from www.sysinternals.com. Scanned my system and found 60 "Rootkits". Could someone tell me how to remove them, or should they be removed?
    Thanks for any help!

  2. #2
    Join Date
    Jan 2000
    Location
    Brooklyn, New York, USA
    Posts
    1,264
    Rootkit just seems to be another way of saying spyware, adware or malware. Running a program like Spybot Search & Destroy, AdAware or any other good anti-malware program should do a lot to clean out your registry.

    For some of these you may need to turn off System Restore before you clean and you may also need to look for specific instruction for removal for some of what is in your system.

    Run the programs I mentioned above and see how that goes first.

    Doc
    "To err is human, but to really foul things up you need a computer."

    Home Build Intel Core Duo 2.0 GHz, 2 Gig RAM, Dual Boot XP Pro and Ubuntu 8.04LS

  3. #3
    Join Date
    Jun 2002
    Location
    Port St Lucie, FL
    Posts
    360
    Doc, tried both, they found nothing. Rootkit data could be false negatives. Thanks for your reply.

  4. #4
    HAN
    Join Date
    Feb 2002
    Location
    USA
    Posts
    4,319
    From Sysinternals: "You should examine discrepancies and determine the likelihood that they indicate the presence of a rootkit. Hidden from Windows API discrepancies are the ones exhibited by most rootkits, however you should expect to see a number of such entries on any NTFS volume since NTFS hides its metadata files, such as $MFT and $Secure, from the Windows API. In addition, there are a number of Registry keys that are inaccessible from the Windows API and will report as access-denied discrepancies. Files or Registry data created after a scan starts will also show up as discrepancies indicating the data is visible to the Windows API, but not to the low-level scan, so run RootkitRevealer on an idle system."

    Would the hits you show qualify as these types? If so, you are probably ok...

  5. #5
    Join Date
    Jun 2002
    Location
    Port St Lucie, FL
    Posts
    360
    Thanks HAN, I guess I am O.K.
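
The triage described in the Sysinternals quote in post #4, as an added example that is not part of the thread and is not Sysinternals code. The tab-separated `path<TAB>description` input, the sample lines and the bucket labels are assumptions constructed for illustration.

```python
import ntpath
from collections import Counter

# NTFS metadata files in the volume root, which NTFS hides from the Windows API.
NTFS_METADATA = {"$mft", "$mftmirr", "$logfile", "$volume", "$attrdef", "$bitmap",
                 "$boot", "$badclus", "$secure", "$upcase", "$extend"}
REGISTRY_ROOTS = ("HKLM\\", "HKU\\", "HKCU\\")

def triage(line):
    """Bucket one 'path<TAB>description' discrepancy line (assumed format)."""
    path, _, desc = line.rstrip("\n").partition("\t")
    desc = desc.lower()
    is_registry = path.upper().startswith(REGISTRY_ROOTS)
    if "hidden from windows api" in desc:
        _, rest = ntpath.splitdrive(path)
        parts = [p.lower() for p in rest.split("\\") if p]
        # Only a metadata name at the volume root (or anything under $Extend)
        # matches; the same name deeper in the tree still needs review.
        at_root = bool(parts) and parts[0] in NTFS_METADATA and (
            len(parts) == 1 or parts[0] == "$extend")
        if at_root and not is_registry:
            return "likely-benign: NTFS metadata"
        return "review: hidden from Windows API"
    if "access is denied" in desc:
        if is_registry:
            return "likely-benign: access-denied registry key"
        return "review: access denied on file"
    if "visible in windows api" in desc:
        return "rescan: changed during scan, rerun on an idle system"
    return "review: unrecognized discrepancy"

def summarize(lines):
    """Count discrepancies per bucket so the 'review' ones stand out."""
    return Counter(triage(l) for l in lines if l.strip())

# Constructed sample lines, not output from a real scan.
HIDDEN = "Hidden from Windows API."
SAMPLE = [
    "\t".join((r"C:\$MFT", HIDDEN)),
    "\t".join((r"C:\$Extend\$ObjId", HIDDEN)),
    "\t".join((r"C:\Windows\system32\drivers\example_hidden.sys", HIDDEN)),
    "\t".join((r"C:\Users\Public\$Secure", HIDDEN)),
    "\t".join((r"HKLM\SECURITY\Policy\Secrets\EXAMPLE", "Access is denied.")),
    "\t".join((r"C:\Temp\example.tmp",
               "Visible in Windows API, but not in MFT or directory index.")),
]

if __name__ == "__main__":
    for bucket, count in sorted(summarize(SAMPLE).items()):
        print(f"{count:3d}  {bucket}")
```

Only the entries left in a "review" bucket need the closer look the quote asks for; a likely-benign bucket is a starting assumption, not a verdict.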
