anon123 Posted November 12, 2016 ID:1071671 Share Posted November 12, 2016 I've ran the mbar and as soon as I open the program, it tells me that there is a regedit value "appinit_dlls" that is potentially rootkit activity related. It's located in "SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS" and I can't find it physically on my computer. There are a few more with same kind of names in them, but they are nVidia related and digitally signed so they should be fine. Any advices? mbar always comes clean after I click "no" on the startup which asks for me to remove the value. Link to post Share on other sites More sharing options...
Staff shadowwar Posted November 12, 2016 Staff ID:1071686 Share Posted November 12, 2016 If it pointing to the valid nvidia files then this is ok to bypass. This is not necessarily a false positive and MBAR is asking the user to decide. Link to post Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now