Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 9 replies
  • Subscribers 6 subscribers
  • Views 18462 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Hidden Rootkit

gypsydan

Does anyone know what this unremovable rootkit belongs to?

There is no other available info on it.

Is there a way to remove it, without rebuilding HD?

\HKEY_USERS\S-1-5-21-1390067357-299502267-725345543-1006

\HKEY_USERS\S-1-5-21-1390067357-299502267-725345543-1006_Classes

 running XP-SP3

:14657


This thread was automatically locked due to age.
Parents
  • 0

    Hi Christian,

    You are probably correct, this might not be a rootkit.

    But then what would it be, for when I run SAR the registry key key shows as hidden,  BUT,  I can also see it in the registry.  Why?

    AND, this was an nVidia user ID for their latest releases, see this link

    Apparently they are trying to hide user iDs for gamers

    Dan

    :15417
Reply
  • 0

    Hi Christian,

    You are probably correct, this might not be a rootkit.

    But then what would it be, for when I run SAR the registry key key shows as hidden,  BUT,  I can also see it in the registry.  Why?

    AND, this was an nVidia user ID for their latest releases, see this link

    Apparently they are trying to hide user iDs for gamers

    Dan

    :15417
Children
No Data