A user noticed that our SpySweeper sweeps comes up with
the message "Potentially Rootkit-masked files" on two
file after installing NWC 4.91 SP2:

C:\windows\system32\Novell\nici\id\xmgrcfg.ks2
C:\windows\system32\Novell\nici\id\xmgrcfg.ks3

I am assuming this is something done legitimately by NICI
as part of its cryptography, but can't find any reference
to it at Novell. Can someone put my mind at rest?

Thanks,

Tom