When i went to scan critical areas using CIS, it found these:
Rootkit.HiddenValue@0 HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\mp3musicdirect.com*
Rootkit.HiddenValue@0 HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\okulta.com*
Rootkit.HiddenValue@0 HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\websearch.com\www*
Rootkit.HiddenKey@0 HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\websearch.com\www
Rootkit.HiddenValue@0 HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\websearch.com*
Rootkit.HiddenValue@0 HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\mp3musicdirect.com\www*
Rootkit.HiddenKey@0 HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\mp3musicdirect.com\www
Rootkit.HiddenValue@0 HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\mp3musicdirect.com*
Rootkit.HiddenValue@0 HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\okulta.com*
Rootkit.HiddenValue@0 HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\websearch.com\www*
Rootkit.HiddenKey@0 HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\websearch.com\www
Rootkit.HiddenValue@0 HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\websearch.com*
Rootkit.HiddenKey@0 HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\websearch.com
Rootkit.HiddenKey@0 HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\mp3musicdirect.com
Rootkit.HiddenKey@0 HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\okulta.com
That’s 15 Threats in total. Ih avent scanned fully yet. Though i hope you can help me with this one.
As i’ve seen on other threads, i’ll try to go use other Rootkit Detection programs as well.
CIS can’t clean or remove them, I’m new to these things. please i need help.
They don’t appear in the registry as well.