v5.07 found 8 traces of "potentially rootkit-masked files".

How do I know whether it is really a problem and safe to remove this?

Can it be legitimate and screw up my system if I remove it?

Hi i have had that. you really check the log file. btw have you got windows live messenger and use sharing folders? because i do have windows live messenger and use sharing folders and spysweeper detected my only two sharing folders in windows live messenger as possible masked files. so can you post the log here please? because im interested to see if it is the same thing as i got or something else.

lodore

I'd be happy to post a log file. How do I get to the log? Will there be a log if I haven't yet decided to quarantine the rootkit thing (which I haven't.).

Not running Windows messenger to my knowledge.

Thanks for the help!

Hi,

Maybe got nothing to do with it but do u have "MS Private Folder" or the like?

I know MS Private folder triggers these alerts on my machine.

Thanks.

-{ Quote: "I'd be happy to post a log file. How do I get to the log? " }-The Session log will more than likely be very long and the only part that would need to be posted would be the items found concerning "rootkit-masked files". To do this open Spysweeper and select Options from the left menu and in the far right box area you should see View Session Log. Select that and highlight the lines dealing with the rootkit-masked entries and copy paste that info into a new post here.

Also....Spy Sweeper's "potentially rootkit-masked files" detection is not definition based, it is essentially looking for descrepancies between what windows sees and what is actually on disk and will from time to time detect harmless files. There are various reasons that this happens but usually it's just a timing issue and subsequent sweeps will not detect the files.

I would suggest you perform another scan but to save time adjust what is re-scanned by going into Options again and uncheck all drives and all other items except Sweep for rootkits. Enable Direct Disk Sweeping will have to be checked also in order to select Sweep for rootkits.

Bubba