Both legitimate programs and rootkits can hook into and alter this table. SSDT (System Service Descriptor Table) is a table that stores addresses of functions that are used by Windows. It is normal for a firewall, some anti-virus and anti-malware software (ProcessGuard, Prevx1, AVG AS), sandboxes, virtual machines and Host-based Intrusion Prevention Systems (HIPS) to hook into the OS kernel/SSDT in order to protect your system. Not all hidden components detected by ARKs are malicious.

I found out these files were files belonging to the sandbox of Avast Internet Security.

Are these files harmless being in the sandbox, or should I delete them or rename them?

11/21/10 19:11:50 : BlackLight Engine initialized
11/21/10 19:11:50 : OS: 5.1 build 2600 (Service Pack 3)
11/21/10 19:11:58 : FSRAW library version 
11/21/10 19:12:03 : Hidden file: c:\# aswSnx private storage\snx_rhive
11/21/10 19:12:03 : Hidden file: c:\# aswSnx private storage\snx_rhive.LOG

Then BlackLight said it has found 2 hidden files. I finished off by using the BlackLight anti-rootkit tool, just for the sake of conscience really.
I made a full scan with Mbam, a quick scan with Avast Internet Security, a quick scan with SUPERAntiSpyware and some scanning with Spybot S&D.
Today I was scanning my computer, making sure it was clean.