Faccio per la prima volta il controllo anti Rootkit usando Sophos Anti-Rootkit 1.1
Alla fine della scansione mi segnala cinque file (infetti? pericolosi? boh!).
Ecco i dettagli:
Area: Windows registry
Description: Hidden registry key
Location: \HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\a347scsi\Config\jdgg40
Removable: No
Notes: (no more detail available)
Area: Windows registry
Description: Hidden registry value
Location: \HKEY_USERS\S-1-5-21-1935655697-1123561945-839522115-1003\Software\Microsoft\Windows\ShellNoRoam\BagMRU\0\1\0\0\1\0\3
Removable: No
Notes: (type 3, length 54) "4 1 G4\xedH\x10 Word \x03 \x04 \xef\xbe\xf42\x1dKG4!W\x14 W o r d \x14 "
Area: Windows registry
Description: Hidden registry value
Location: \HKEY_USERS\S-1-5-21-1935655697-1123561945-839522115-1003\Software\Microsoft\Windows\ShellNoRoam\BagMRU\0\1\0\0\1\0\1\0
Removable: No
Notes: (type 3, length 74) "H 1 K3\x8d\x90\x11 QUICKL~1 0 \x03 \x04 \xef\xbee/\xdd\x84V3\xc0<\x14 Q u i c k L a u n c h \x18 " ... "h \x18 "
Area: Windows registry
Description: Hidden registry key
Location: \HKEY_USERS\S-1-5-21-1935655697-1123561945-839522115-1003\Software\Microsoft\Windows\ShellNoRoam\BagMRU\0\1\0\0\1\0\1\0
Removable: No
Notes: (no more detail available)
Area: Windows registry
Description: Hidden registry key
Location: \HKEY_USERS\S-1-5-21-1935655697-1123561945-839522115-1003\Software\Microsoft\Windows\ShellNoRoam\BagMRU\0\1\0\0\1\0\3
Removable: No
Notes: (no more detail available)
E adesso cosa devo fare?
Grazie!