Does this mean I have a rootkit/malware?

I've been looking for new anti-malware programs to scan my machine. I found this rootkit revealer program but I'm not sure how to interpret the results.

This is what it gives me:

ZIZPb.png


As you can see, these things come under the "Rootkit/Malware" tab. Are these actual rootkits do you think, or what?

Thanks.

(This is on XP 32 bit, fairly new install).
 
I would say that's a list of locations where rootkits hide that the program searches, so don't panic. Someone will confirm this, I'm sure. I use Sophos Anti-Rootkit myself, so you could try that as it has a better interface imo.
 
A quick Google shows that fwdrv.sys is a part of Kerio

ati2.... is part of your graphics driver
ntkrnlpa is the Windows kernel

Nothing out of the ordinary :)

Personally, I just use my router, Windows Firewall and Microsoft Security Essentials
 
I find rootkit revealers mildly useful, at best. You'd be better off doing an offline virus scan or port scanning your own machine from another computer.
 
Out of interest, what led you to use GMER? I had not heard of it, and wouldn't know it wasn't an actual virus install itself hiding in the guise of a remover program, as many suites of unknown origin claim to be nowadays.

Had you seen it reviewed, or on recommendation, or found it by a Google search?
 
GMER and Sysinternals RootkitRevealer are the best tools for the job.

That screenshot looks pretty clean to me. Rootkits often stand out a mile as they tend to use randomly generated filenames.
 