Rootkit Found

  1. Posts : 369
    Windows 7 Ultimate x64 with SP1
       #1

    Rootkit Found


    I have NIS 2010 installed on my PC and I do a couple scans a day with Norton, Malwarebytes, and Hitman Pro 3.5.5. I just did a scan with Hitman Pro and it found a Rootkit in C:\Windows\system32\DRIVERS\

    Isn't Norton supposed to detect and block these kinds of malware attacks?????

    Not very happy right now since Rootkits can do many things...


  2. Posts : 4,772
    Windows 7 Ultimate - 64-bit | Windows 8 Pro - 64-bit
       #2

    codyw said:
    I have NIS 2010 installed on my PC and I do a couple scans a day with Norton, Malwarebytes, and Hitman Pro 3.5.5. I just did a scan with Hitman Pro and it found a Rootkit in C:\Windows\system32\DRIVERS\

    Isn't Norton supposed to detect and block these kinds of malware attacks?????

    Not very happy right now since Rootkits can do many things...

    Hello!!

    What is the file name that was detected? Maybe it's just a false positive.

    - Captain


  3. Posts : 369
    Windows 7 Ultimate x64 with SP1
    Thread Starter
       #3

    File name is elxstor.sys
    Does Hitman Pro tend to get known good files mixed up?


  4. Posts : 4,772
    Windows 7 Ultimate - 64-bit | Windows 8 Pro - 64-bit
       #4

    codyw said:
    File name is elxstor.sys
    Does Hitman Pro tend to get known good files mixed up?

    It's not a virus; look at this website: Elxstor.sys Analysis Report. If you're wanting to individually scan this file for a virus, use VirusTotal and upload elxstor.sys to have it scanned with dozens of different anti-virus scanners at once.

    Hope this helps,
    Captain


  5. Posts : 2,303
    Windows 7 & Windows Vista Ultimate
       #5

    Capt.Jack Sparrow said:
    codyw said:
    File name is elxstor.sys
    Does Hitman Pro tend to get known good files mixed up?

    It's not a virus; look at this website: Elxstor.sys Analysis Report. If you're wanting to individually scan this file for a virus, use VirusTotal and upload elxstor.sys to have it scanned with dozens of different anti-virus scanners at once.

    Hope this helps,
    Captain

    Agreed. Also see elxstor.sys - Greatis Software


  6. Posts : 369
    Windows 7 Ultimate x64 with SP1
    Thread Starter
       #6

    After viewing that website, I have 2 questions:
    1. Does Hitman Pro conflict with virus protection?
    2. Why did Hitman classify this as malware when it's a perfectly good file?


    Symantec is telling me that Hitman Pro will conflict.


  7. Posts : 369
    Windows 7 Ultimate x64 with SP1
    Thread Starter
       #7

    I went to the DRIVERS folder under the C drive and manually scanned the folder with Norton and it said everything was fine.


  8. Posts : 369
    Windows 7 Ultimate x64 with SP1
    Thread Starter
       #8

    What would happen if I told Hitman Pro to quarantine/delete the infection and this WAS a false positive? I have Symantec Support saying it's an infection. What would happen if I was to delete the said file?


  9. Posts : 2,303
    Windows 7 & Windows Vista Ultimate
       #9

    codyw said:
    After viewing that website, I have 2 questions:
    1. Does Hitman Pro conflict with virus protection?
    2. Why did Hitman classify this as malware when it's a perfectly good file?

    Symantec is telling me that Hitman Pro will conflict.

    1. Hitman Pro is a malware scanner and should not conflict with Symantec.
    2. It is not unusual for false positives to occur. Thus, the need to pay attention to what is happening on your computer.

    codyw said:
    I went to the DRIVERS folder under the C drive and manually scanned the folder with Norton and it said everything was fine.

    codyw said:
    What would happen if I told Hitman Pro to quarantine/delete the infection and this WAS a false positive? I have Symantec Support saying it's an infection. What would happen if I was to delete the said file?

    Your two posts have conflicting information. One indicates that NAV said the Drivers folder is fine and the second indicates Symantec Support indicates an infection. Which is it?

    Did you scan the specific file at VirusTotal as suggested by Capt.Jack Sparrow?

    As to what would happen if you delete the driver, you would no longer have a driver for LightPulse Host Bus Adapters (HBAs).
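
A local check that complements the VirusTotal suggestion in the replies above, as an added example that is not part of the original thread: it collects the flagged driver's SHA-256, embedded signature, vendor metadata and driver-service registration before anything is quarantined or deleted. The function name `Get-DriverTriage` is hypothetical; the file name and folder are the ones given in the thread.

```powershell
# Added example (not from the thread): triage a flagged driver before deleting it.
# Written for Windows PowerShell 2.0+, the version that ships with Windows 7.
# Run it from a 64-bit PowerShell: a 32-bit process on x64 is redirected from
# System32 to SysWOW64 and would not see the real drivers folder.
function Get-DriverTriage {
    param([Parameter(Mandatory = $true)][string]$Path)

    if (-not (Test-Path -LiteralPath $Path -PathType Leaf)) {
        throw "File not found: $Path"
    }
    $file = Get-Item -LiteralPath $Path

    # SHA-256 through .NET, because Get-FileHash does not exist before PowerShell 4.0.
    $sha    = [System.Security.Cryptography.SHA256]::Create()
    $stream = [System.IO.File]::OpenRead($file.FullName)
    try {
        $hash = [System.BitConverter]::ToString($sha.ComputeHash($stream)) -replace '-', ''
    } finally {
        $stream.Dispose()
    }

    # Signature embedded in the file. Drivers signed only through a Windows
    # catalog can show NotSigned here on older PowerShell versions.
    $sig    = Get-AuthenticodeSignature -FilePath $file.FullName
    $signer = $null
    if ($sig.SignerCertificate) { $signer = $sig.SignerCertificate.Subject }

    # Driver services whose image path ends in this file name, with their state.
    $drivers = @(Get-WmiObject -Class Win32_SystemDriver |
        Where-Object { $_.PathName -like "*\$($file.Name)" })
    $services = ($drivers | ForEach-Object {
        "$($_.Name) [$($_.State), $($_.StartMode)]" }) -join '; '

    New-Object PSObject -Property @{
        Path            = $file.FullName
        SHA256          = $hash
        SignatureStatus = $sig.Status
        Signer          = $signer
        Company         = $file.VersionInfo.CompanyName
        Description     = $file.VersionInfo.FileDescription
        FileVersion     = $file.VersionInfo.FileVersion
        DriverServices  = $services
    }
}

# The file reported in this thread.
Get-DriverTriage -Path "$env:SystemRoot\System32\drivers\elxstor.sys" | Format-List
```

The SHA-256 value can be searched on VirusTotal instead of uploading the file, and a driver service listed with a Boot or System start mode is a reason to hold off on deletion until the detection is confirmed.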


  10. Posts : 369
    Windows 7 Ultimate x64 with SP1
    Thread Starter
       #10

    No, I did not go to VirusTotal. But I still have my Kaspersky 2010 license. What I'm going to do is put it on after wiping Norton. If it finds the infection, then I'll know it was bad. Hitman Pro being cloud based leads me to think it has to be some kind of infection. I was reading up on Rootkits too since I never really had experience with them. Exactly how do they act as malware? Do they come through your firewall or how do they get in?


 