Following a full scan, one or more rootkits have been found but when I try to clean them CIS tells me it is not possible to clean or quarantine them. Can anyone advise what the procedure is for rootkit removal please?
Can you please post a screenshot of those ‘rootkit’ detections?
Rootkit verification must be done on an ‘offline’ system; I’d advise downloading Hiren’s boot CD here
Boot from it and use explorer or registry editor to verify the existence of the detected ‘Rootkits’.
I will have to come back to you Ronny. I didn’t take a screenshot so it will require a full scan again. I can’t do that at this time as the machine is too busy running other tasks. I can tell you that all rootkits were found in the registry and related to Microsoft applications which seemed a bit strange to me. I was kind of wondering whether they may be false positives?
Could be some anomaly was found during scanning, let’s see what turns up.