Hello
My name is Michal and I’m a data administrator, London UK.
I have a problem with the scan results using RogueKiller, it shows this hook and directs me to the website that says only " check on the internet whether your machine is infected or not".
Problem is that at work I deal with a lot of sensitive data and I need to know for sure.
My request is can someone please help me identify if this is a virus or just as suggested it is one of the actual genuine software's doings?
Based on this thread (
http://www.bleepingcomputer.com/forums/t/601924/rootkit-ssdtinl-zwdeleteatom/ )I could assume that it is only a false positive but I can’t be sure as to whether my case is exactly the same. I would supply the logs requested there but I don’t want to use those tools without someone telling me to do so.
There is so little on the internet about this issue that I have no way to find out for myself even by comparison. I understand that I could simply format everything but it is the data licks that I’m worrying about, and also, maybe its possible to remove the virus?
This is what I know:
Malwarebytes AntiRootkit didn’t find anything
Microsoft Security Essentials found nothing
Also I would like to ask if someone could advise me as to what software specialises in stopping the rootkits from being installed or even better is there a software that would let me know each time an IRP Hook is trying to be established?
Please get back to me and thanks to anyone who would show the interest in assisting me with this issue.
Kind Regards
Topic: ZwDeleteAtom[99] Need a good soul to help (Read 6577 times)
