I have switched the “enable rootkit scanning” on, and Comodo detects 58 rootkit entries in the registry.
The entries are all sort of the same. Here is an example:
Rootkit.HiddenValue@0 HKEY_LOCAL_MACHINE\Software\Classes\CLSID{604BB98A-A94F-4a5c-A67C-D8D3582C741C}\InprocServer32
Rootkit.HiddenValue@0 HKEY_LOCAL_MACHINE\Software\Classes\CLSID{604BB98A-A94F-4a5c-A67C-D8D3582C741C}\InprocServer32\ThreadingModel
I guess it means that the entries contains embedded nulls, but that doesn’t make it a rootkit.
I do not have the knowledge to judge if these are false alerts.
I can’t send the registry entries to the malvare analysis.
Can anyone help me, and tell me what to do?