
ESS found threat in windows/system32/ROBOOT64.exe



  • ESET Insiders

Hi,

 

Did an admin privileged scan of all drives and ESS found a possible threat in "windows/system32/ROBOOT64.exe"

 

 

C:\Windows\System32\roboot64.exe - een variant van Win64/Systweak.A potentieel ongewenste toepassing

 

Next I performed a scan on only the file and it got quarantined!

 

Could not find this file in the ESET KB. Anybody know what's up with this file? Googled and found that some say it's a Windows system file, and a lot of websites advertise to remove it, of course with their tools? Very confusing indeed!

 

Found this on: https://herdprotect.com/roboot64.exe-eb3043902391a8cbab7f799f35cf676002fc1c52.aspx

File name: roboot64.exe
Publisher: Systweak Inc., (www.systweak.com) (signed by Systweak Inc)
Product: Systweak Advanced System Optimizer
Description: Advanced System Optimizer - Registry Optimizer
Version: 3.0.0.5326
MD5: 30448ccedd41000b5bafb66abdb2662b
SHA-1: eb3043902391a8cbab7f799f35cf676002fc1c52
SHA-256: f3bfbc80d634bde17fff07811138337cd0f8f0da36fbca5db0308cceafd91c88

Analysis
Scanner detections: 2 / 68
Status: Inconclusive but possibly unwanted (There is not enough data for a 100% detection)
Analysis date: 10/1/2014 8:56:01 PM UTC (one month ago)

Scan engine | Detection | Engine version
ESET NOD32 | Win64/Systweak.A potentially unwanted application | 7.0.302.0
Reason Heuristics | PUP.Optional.Systweak.I | 14.10.1.16

TIA for any directions to KB or answer here on the forum!

 

Cheers

 

 

NOTE FOR MOD: sorry in the wrong section, please move.

Edited by BDMSTUDIOS

  • Administrators

As stated above, it's a potentially unwanted application. If you think that benefits of using the PUA outweigh possible risks (e.g. paying for nothing which is often the case of registry "cleaners"), you can exclude the application from detection. Otherwise you should be able to uninstall it in a standard manner via the Control panel or the Start menu.


  • ESET Insiders

As stated above, it's a potentially unwanted application. If you think that benefits of using the PUA outweigh possible risks (e.g. paying for nothing which is often the case of registry "cleaners"), you can exclude the application from detection. Otherwise you should be able to uninstall it in a standard manner via the Control panel or the Start menu.

 

Thanks Marcos!

Indeed the file is linked/installed to/by CCleaner.

 


 

UNINSTALLED IT!!!

 

Kudos to you!

Edited by BDMSTUDIOS
