Thread: Rootkit Deep Scan Results

  1. #1
    Junior Member
    Join Date
    Dec 2014
    Posts
    16

    Rootkit Deep Scan Results - Anything bad?

    Hello, I have Avast Antivirus and Malwarebytes on my computer and do regular scans and have never had any infections before, even in scans as recently as today.

    A few days ago I downloaded a free program called "Any Video Converter" from download.cnet.com (prior to installing it, I scanned it using Avast and Malwarebytes, as well as the online scanner at virustotal.com). They all said it was clean.

    After installing that program, I ran scans again because I am paranoid, and they all still came back clean.

    However, it seems like ever since then my computer just seems to be slower than usual at most things. For example, when I open iTunes it takes a long time to open and then will often become non-responsive and I get impatient and close it. When searching for things in Chrome, it seems like the search results take a bit longer to populate also. Just random things like that. I'm not sure if there is a correlation with me installing that "Any Video Converter" program or not?

    So I downloaded Spybot after reading about adware and spyware that sometimes come in on free programs. Wanted to see if it would catch anything that Avast and Malwarebytes missed. The regular scan didn't show anything bad/in red, it was basically just a few usage tracks. Then I ran a Rootkit scan...

    So this is the full result of my Rootkit Deep Scan. I don't really know how to interpret it, hoping someone can tell me if anything looks bad. I did read that many things aren't necessarily malware, but I hope someone can take a look to be sure. Looks like a lot of them are pictures, but there are a few weird looking things, like "C:\Dellt! s". FYI, the E: drive is my Western Digital external hard drive that I have plugged in for backup (the software it uses is called "SmartWare" to automatically back things up)... it seems like a lot of the results are located on that E: drive.

    I'm using Windows 7 64-bit SP1, and Chrome as my browser (but I do have IE and Firefox also installed).

    Thanks for taking a look!

    :: RootAlyzer Results
    File:"Invisible to Win32","E:\Extras sandb"
    1-5-21-3836965969-56342752-2157042032-1001\sfzone\C\Users\Owner\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#www.paypalobjects.com\settings.sol"
    File:"Invisible to Win32","E:\WD SmartWare.swstor\Owner-PC\Volume.6cdcb045.b4dd.11e1.9ee6.806e6f6e6963\avast! sandbox\S-1-5-21-3836965969-56342752-2157042032-1001\sfzone\C\Users\Owner\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#static.bb.contentdef.com\settings.sol"
    File:"Invisible to Win32","E:\WD SmartWare.swstor\Owner-PC\Volume.6cdcb045.b4dd.11e1.9ee6.806e6f6e6963\avast! sandbox\S-1-5-21-3836965969-56342752-2157042032-1001\sfzone\C\Users\Owner\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#i3.bb.contentdef.com\settings.sol"
    File:"Invisible to Win32","E:\WD SmartWare.swstor\Owner-PC\Volume.6cdcb045.b4dd.11e1.9ee6.806e6f6e6963\avast! sandbox\S-1-5-21-3836965969-56342752-2157042032-1001\sfzone\C\Users\Owner\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\5WJDHUEZ\i3.bb.contentdef.com\assets\common\swf\flowplayer.commercial.3.2.10.swf"
    File:"Invisible to Win32","E:\WD SmartWare.swstor\Owner-PC\Volume.6cdcb045.b4dd.11e1.9ee6.806e6f6e6963\avast! sandbox\S-1-5-21-3836965969-56342752-2157042032-1001\sfzone\C\Users\Owner\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\5WJDHUEZ\i3.bb.contentdef.com\assets\common\swf\flowplayer.commercial.3.2.10.swf\org.flowplayer.sol"
    File:"Invisible to Win32","E:\WD SmartWare.swstor\Owner-PC\Volume.6cdcb045.b4dd.11e1.9ee6.806e6f6e6963\avast! sandbox\S-
    File:"Invisible to Win32","E:\WD SmartWare.swstor\Owner-PC\Volume.6cdcb045.b4dd.11e1.9ee6.806e6f6e6963\avast! sandbox\S-
    File:"Invisible to Win32","E:\WD SmartWare.swstor\Owner-PC\Volume.6cdcb045.b4dd.11e1.9ee6.806e6f6e6963\avast! sandbox\S-
    File:"Invisible to Win32","E:\WD SmartWare.swstor\Owner-PC\Volume.6cdcb045.b4dd.11e1.9ee6.806e6f6e6963\avast! sandbox\S-
    File:"Invisible to Win32","E:\WD SmartWare.swstor\Owner-PC\Volume.6cdcb045.b4dd.11e1.9ee6.806e6f6e6963\avast! sandbox\S-1-5-21-3836965969-56342752-2157042032-1001\sfzone\C\Users\Owner\AppData\LocalLow\Microsoft\Silverlight\is\ogx0he3x.fa3\3nnn05jo.zob\1\s\psld1rq2evnjg2ki2ziatkouhebg2l4klzm3vvurqxwtu41pinaaahda\f"
    File:"Invisible to Win32","E:\WD SmartWare.swstor\Owner-PC\Volume.6cdcb045.b4dd.11e1.9ee6.806e6f6e6963\avast! sandbox\S-1-5-21-3836965969-56342752-2157042032-1001\sfzone\C\Users\Owner\AppData\LocalLow\Microsoft\Silverlight\is\ogx0he3x.fa3\3nnn05jo.zob\1\s\psld1rq2evnjg2ki2ziatkouhebg2l4klzm3vvurqxwtu41pinaaahda\group.dat"
    File:"Invisible to Win32","E:\WD SmartWare.swstor\Owner-PC\Volume.6cdcb045.b4dd.11e1.9ee6.806e6f6e6963\avast! sandbox\S-1-5-21-3836965969-56342752-2157042032-1001\sfzone\C\Users\Owner\AppData\LocalLow\Microsoft\Silverlight\is\ogx0he3x.fa3\3nnn05jo.zob\1\s\psld1rq2evnjg2ki2ziatkouhebg2l4klzm3vvurqxwtu41pinaaahda\id.dat"
    File:"Invisible to Win32","E:\WD SmartWare.swstor\Owner-PC\Volume.6cdcb045.b4dd.11e1.9ee6.806e6f6e6963\avast! sandbox\S-1-5-21-3836965969-56342752-2157042032-1001\sfzone\C\Users\Owner\AppData\LocalLow\Microsoft\Silverlight\is\ogx0he3x.fa3\3nnn05jo.zob\1\s\psld1rq2evnjg2ki2ziatkouhebg2l4klzm3vvurqxwtu41pinaaahda\f\krb.txt"
    File:"Invisible to Win32","E:\WD SmartWare.swstor\Owner-PC\Volume.6cdcb045.b4dd.11e1.9ee6.806e6f6e6963\avast! sandbox\S-1-5-21-3836965969-56342752-2157042032-1001\sfzone\C\Users\Owner\AppData\LocalLow\Microsoft\Silverlight\is\ogx0he3x.fa3\3nnn05jo.zob\1\g\o0ix4jipd532wjp4nlfmf502ppt24jbn1dxr0mpntl03zkcp1laaafba\id.dat"
    File:"Invisible to Win32","E:\WD SmartWare.swstor\Owner-PC\Volume.6cdcb045.b4dd.11e1.9ee6.806e6f6e6963\avast! sandbox\S-1-5-21-3836965969-56342752-2157042032-1001\sfzone\C\Users\Owner\AppData\LocalLow\Microsoft\Silverlight\is\ogx0he3x.fa3\3nnn05jo.zob\1\g\o0ix4jipd532wjp4nlfmf502ppt24jbn1dxr0mpntl03zkcp1laaafba\quota.dat"
    File:"Invisible to Win32","E:\WD SmartWare.swstor\Owner-PC\Volume.6cdcb045.b4dd.11e1.9ee6.806e6f6e6963\avast! sandbox\S-1-5-21-3836965969-56342752-2157042032-1001\sfzone\C\Users\Owner\AppData\LocalLow\Microsoft\Silverlight\is\ogx0he3x.fa3\3nnn05jo.zob\1\g\o0ix4jipd532wjp4nlfmf502ppt24jbn1dxr0mpntl03zkcp1laaafba\quota@4e98e1b0732c4e418f1fb79425a72859.dat"
    File:"Invisible to Win32","E:\WD SmartWare.swstor\Owner-PC\Volume.6cdcb045.b4dd.11e1.9ee6.806e6f6e6963\avast! sandbox\S-1-5-21-3836965969-56342752-2157042032-1001\sfzone\C\Users\Owner\AppData\LocalLow\Microsoft\Silverlight\is\ogx0he3x.fa3\3nnn05jo.zob\1\g\o0ix4jipd532wjp4nlfmf502ppt24jbn1dxr0mpntl03zkcp1laaafba\used.dat"
    File:"Invisible to Win32","E:\WD SmartWare.swstor\Owner-PC\Volume.6cdcb045.b4dd.11e1.9ee6.806e6f6e6963\avast! sandbox\S-1-5-21-3836965969-56342752-2157042032-1001\sfzone\C\Users\Owner\AppData\LocalLow\Microsoft\Silverlight\is\ogx0he3x.fa3\3nnn05jo.zob\1\g\o0ix4jipd532wjp4nlfmf502ppt24jbn1dxr0mpntl03zkcp1laaafba\used@6f77c70e71474964954fccb35cf46127.dat"
    File:"Invisible to Win32","C:\Dellt! s"
    File:"No admin in ACL","C:\System Recovery"
    File:"Unknown ADS","C:\Users\Owner\Pictures\2012-1-19 Ice Storm\DSCN0820.AVI:TOC.WMV:$DATA"
    File:"Unknown ADS","C:\Users\Owner\Pictures\2012-1-19 Ice Storm\DSCN0824.AVI:TOC.WMV:$DATA"
    File:"Unknown ADS","C:\Users\Owner\Pictures\2012-1-19 Ice Storm\DSCN0825.AVI:TOC.WMV:$DATA"
    File:"Unknown ADS","C:\Users\Owner\Pictures\2012-1-19 Ice Storm\DSCN0839.AVI:TOC.WMV:$DATA"
    File:"Unknown ADS","C:\Users\Owner\Pictures\2012-1-19 Ice Storm\DSCN0840.AVI:TOC.WMV:$DATA"
    File:"Unknown ADS","C:\Users\Owner\Pictures\2012-07-01\088.MOV:TOC.WMV:$DATA"
    File:"Unknown ADS","C:\Users\Owner\Pictures\2012-07-01\096.MOV:TOC.WMV:$DATA"
    File:"Unknown ADS","C:\Users\Owner\Pictures\2012-07-01\101.MOV:TOC.WMV:$DATA"
    File:"Unknown ADS","C:\Users\Owner\Pictures\2012-07-01\118.MOV:TOC.WMV:$DATA"
    File:"Unknown ADS","C:\Users\Owner\Pictures\2012-07-01\204.MOV:TOC.WMV:$DATA"
    File:"Unknown ADS","C:\Users\Owner\Pictures\2012-06-30\001.AVI:TOC.WMV:$DATA"
    File:"Unknown ADS","C:\Users\Owner\Pictures\2012-06-25\064.AVI:TOC.WMV:$DATA"
    File:"Unknown ADS","C:\Users\Owner\Pictures\2012-04-20\075.AVI:TOC.WMV:$DATA"
    File:"Unknown ADS","C:\Users\Owner\Pictures\2012-04-20\077.AVI:TOC.WMV:$DATA"
    File:"Unknown ADS","C:\Users\Owner\Pictures\2012-03-22\445.AVI:TOC.WMV:$DATA"
    File:"Unknown ADS","C:\Users\Owner\Pictures\2012-03-22\446.AVI:TOC.WMV:$DATA"
    File:"Unknown ADS","C:\Users\Owner\Pictures\2011-09-05 003\MVI_4363.AVI:TOC.WMV:$DATA"
    File:"Unknown ADS","C:\Users\Owner\Pictures\2011-09-05 003\MVI_4364.AVI:TOC.WMV:$DATA"
    File:"Unknown ADS","C:\Users\Owner\Pictures\2011-09-05 001\MVI_4366.AVI:TOC.WMV:$DATA"
    File:"Unknown ADS","C:\Users\Owner\Pictures\2011-09-05 001\MVI_4368.AVI:TOC.WMV:$DATA"
    File:"Unknown ADS","C:\Users\Owner\Pictures\2011-09-05 001\MVI_4369.AVI:TOC.WMV:$DATA"
    File:"Unknown ADS","C:\Users\Owner\Pictures\2011-09-05 001\MVI_4370.AVI:TOC.WMV:$DATA"
    File:"Unknown ADS","C:\Users\Owner\Pictures\2011-09-05 001\MVI_4371.AVI:TOC.WMV:$DATA"
    File:"Unknown ADS","C:\Users\Owner\Pictures\2011-09-05 001\MVI_4372.AVI:TOC.WMV:$DATA"
    File:"Unknown ADS","C:\Users\Owner\Pictures\2011-07-22\009.AVI:TOC.WMV:$DATA"
    File:"Unknown ADS","C:\Users\Owner\Pictures\2010-08-29 004\MVI_0388.AVI:TOC.WMV:$DATA"
    File:"Unknown ADS","C:\Users\Owner\Pictures\2010-08-29 004\MVI_0389.AVI:TOC.WMV:$DATA"
    File:"Unknown ADS","C:\Users\Owner\Pictures\2010-08-29 003\MVI_0383.AVI:TOC.WMV:$DATA"
    File:"Unknown ADS","C:\Users\Owner\Pictures\2010-08-29 003\MVI_0385.AVI:TOC.WMV:$DATA"
    File:"Unknown ADS","C:\Users\Owner\Pictures\2010-08-29 003\MVI_0386.AVI:TOC.WMV:$DATA"
    File:"Unknown ADS","C:\Users\Owner\Pictures\2010-08-29 002\MVI_0375.AVI:TOC.WMV:$DATA"
    File:"Unknown ADS","C:\Users\Owner\Pictures\2010-08-29 002\MVI_0376.AVI:TOC.WMV:$DATA"
    File:"Unknown ADS","C:\Users\Owner\Pictures\2010-08-29 002\MVI_0377.AVI:TOC.WMV:$DATA"
    File:"Unknown ADS","C:\Users\Owner\Pictures\2010-08-29 001\MVI_0371.AVI:TOC.WMV:$DATA"
    File:"Unknown ADS","C:\Users\Owner\Pictures\2010-08-29 001\MVI_0372.AVI:TOC.WMV:$DATA"
    File:"Unknown ADS","C:\Users\Owner\Pictures\2009-09-24 001\Flicker Birds Clip.AVI:TOC.WMV:$DATA"
    File:"No admin in ACL","C:\ProgramData\Microsoft\OFFICE\DATA"
    Last edited by Twirly; 2014-12-13 at 09:27.
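
An added example, not part of the original post and not Spybot's own code: a small Python parser for the `File:"<finding>","<path>"` lines in the scan output above. It groups entries by finding type, drive and top-level folder, separates an alternate data stream name from its host file, and flags lines that were cut off before the closing quote. The function names are assumptions made for illustration; the sample lines are copied from the post.

```python
import re
from collections import Counter

# Sample lines copied from the scan output in the post (the first File: line is truncated there too).
SAMPLE = r'''
:: RootAlyzer Results
File:"Invisible to Win32","E:\WD SmartWare.swstor\Owner-PC\Volume.6cdcb045.b4dd.11e1.9ee6.806e6f6e6963\avast! sandbox\S-
File:"Invisible to Win32","C:\Dellt! s"
File:"No admin in ACL","C:\System Recovery"
File:"Unknown ADS","C:\Users\Owner\Pictures\2012-07-01\088.MOV:TOC.WMV:$DATA"
File:"Unknown ADS","C:\Users\Owner\Pictures\2012-06-30\001.AVI:TOC.WMV:$DATA"
'''

# finding and path are quoted; the closing quote is optional so truncated lines still parse.
LINE = re.compile(r'^File:"(?P<finding>[^"]*)","(?P<path>[^"]*)(?P<close>"?)\s*$')

def parse(text):
    """Yield one dict per File: record (hypothetical helper); other lines are skipped."""
    for raw in text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue
        rec = {"finding": m["finding"], "path": m["path"], "stream": None,
               "truncated": m["close"] == ""}
        # An ADS entry reads host:stream:$DATA; splitting from the right
        # leaves the drive-letter colon inside the host path.
        parts = m["path"].rsplit(":", 2)
        if len(parts) == 3 and parts[2] == "$DATA":
            rec["path"], rec["stream"] = parts[0], parts[1]
        yield rec

def summarize(records):
    """Count records per (finding, drive, top-level folder, stream name)."""
    counts = Counter()
    for r in records:
        drive, _, rest = r["path"].partition("\\")
        top = rest.split("\\", 1)[0]
        counts[(r["finding"], drive, top, r["stream"])] += 1
    return counts

if __name__ == "__main__":
    for key, n in summarize(parse(SAMPLE)).most_common():
        print(n, key)
```

Run over the full result list, the summary shows how many entries share one stream name or sit under one backup folder, which is easier to review than the raw lines.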
