Results 1 to 2 of 2

Thread: rootkit scan

Threaded View

Previous Post Previous Post   Next Post Next Post
  1. #1
    Junior Member
    Join Date
    Jan 2016
    Posts
    1

    Default rootkit scan

    Hi

    I've attached a rootkit scan done on my pc yesterday.

    Is there anything here that I should be concerned about?

    // info: Rootkit removal help file
    // copyright: (c) 2008-2016 Safer-Networking Ltd. All rights reserved.

    :: RootAlyzer Results
    File:"Unknown ADS","F:\DriverNavigator:Win32App_1:$DATA"
    File:"Unknown ADS","F:\ipod-converter:Win32App_1:$DATA"
    File:"Unknown ADS","F:\Omron Healthcare\Omron Health Management Software:Win32App_1:$DATA"
    File:"Unknown ADS","F:\logitech\Ereg:Win32App_1:$DATA"
    File:"Unknown ADS","F:\logitech\LWS\LU:Win32App_1:$DATA"
    File:"Unknown ADS","F:\logitech\LWS\Video Mask Maker:Win32App_1:$DATA"
    File:"Unknown ADS","F:\logitech\LWS\Webcam Software:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\System32:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\SysWOW64:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\SysWOW64\Adobe:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\System32\Adobe:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\000021091A0090400000000000F01FEC:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\00002109411090400000000000F01FEC:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\00002109440090400000000000F01FEC:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\000021094B0090400000000000F01FEC:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\00002109510090400000000000F01FEC:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\00002109511090400000000000F01FEC:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\00002109610090400000000000F01FEC:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\00002109611090400100000000F01FEC:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\00002109711090400000000000F01FEC:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\00002109810090400000000000F01FEC:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\00002109910090400000000000F01FEC:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\00002109A10090400000000000F01FEC:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\00002109A20000000100000000F01FEC:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\00002109A20090400100000000F01FEC:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\00002109A30000000000000000F01FEC:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\00002109AB0090400000000000F01FEC:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\00002109B10090400000000000F01FEC:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\00002109E60090400000000000F01FEC:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\00002109F10090400000000000F01FEC:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\00002109F100A0C00000000000F01FEC:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\00002109F100C0400000000000F01FEC:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\000021599B0090400100000000F01FEC:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\00004109500200000000000000F01FEC:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\032440EF5AC97F34B985A55C2AA8F133:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\0D756077321A70C3E844C138CE981581:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\1038C85769625584FA5435B4210089A0:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\14D02E18772C625439D42F83A09FB187:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\1A4DE204B5F8A783688899A7FB858B2F:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\1D5E3C0FEDA1E123187686FED06E995A:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\3D04254D3B6B9FF42B3445CE3E1E0066:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\3e43b73803c7c394f8a6b2f0402e19c2:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\3FF10DD6EC36B63469BD1663E3AAE48B:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\4314AE291D01A814191EA5403531A183:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\4A4869755DDD3AC4E98AB77E9D95D34B:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\4A9D4F432C248434EB4F5E358C54947E:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\5C13C3F8A3C98AA4E8AF1792A0A75D33:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\600F16D5C861B8B47BDF1F311CA00E4E:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\6414876250E69FF3395387C6C7F05BEB:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\65252EF71C7BD0847B63016AA738A3AE:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744BA0000000010:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\6E58EC68CABDDFF39B774E7BF9389C90:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\6F9E66FF7E38E3A3FA41D89E8A906A4A:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\766F6333940964D4896BC447E3BE5C1B:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\775F634D5961F2D4B844CA679CE90020:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\7B292C385A83B0447A137070E0186AF4:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\7F80AB91827CC964A853FBDB6333EB80:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\89201680EA92B5443BD7FEEB50089276:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\9D34FBAD4011467429B7B5DE21473A0B:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\A76A12931BA584E449447C8141FC0372:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\B6ACDB9A3563B764CA384963D73AFB3E:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\B846977CE014ABB47BB58551CBFE7ED1:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\c1c4f01781cc94c4c8fb1542c0981a2a:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\D20352A90C039D93DBF6126ECE614057:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\D7314F9862C648A4DB8BE2A5B47BE100:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\DDA39468D428E8B4DB27C8D5DC5CA217:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\DDE7F2BCF1D91C3409CFF425AE1E271A:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\E97A59ECCF4EFFF4A857920FB449F22F:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\EB940C659E972054EB7A79453A6EF0B9:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\EFEE0228DC83E77358593193D847A0EC:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\F132F0B0A6ECD384AA32773B467F9571:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\F4E3B286A696ED244AC1C470AE61874B:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Cursors\arrow_n.cur:NEDTA.DAT:$DATA"
    File:"Unknown ADS","C:\Users\User\Documents\Scanned Documents\Welcome Scan.jpg:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"No admin in ACL","C:\Users\User\AppData\Roaming\Real\Update\UpgradeHelper"
    File:"No admin in ACL","C:\Users\User\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer"
    File:"Unknown ADS","C:\ProgramData\Nero:Win32App_1:$DATA"
    File:"No admin in ACL","C:\ProgramData\Real\setup\config.ini"
    File:"Unknown ADS","C:\ProgramData\Microsoft\OFFICE:Win32App_1:$DATA"
    File:"Unknown ADS","C:\ProgramData\Microsoft\Windows Live\SOXE:Win32App_1:$DATA"
    File:"No admin in ACL","C:\ProgramData\Microsoft\OFFICE\DATA"
    File:"Unknown ADS","C:\ProgramData\Microsoft\OFFICE\DATA:Win32App_1:$DATA"
    File:"Unknown ADS","C:\ProgramData\Microsoft\IdentityCRL\production:Win32App_1:$DATA"
    File:"Unknown ADS","C:\ProgramData\MFAData\pack:Win32App:$DATA"
    File:"Unknown ADS","C:\ProgramData\Logitech\LWS\Filters:Win32App_1:$DATA"
    File:"Unknown ADS","C:\ProgramData\EPSON\MyEpson Portal:Win32App_1:$DATA"
    File:"Unknown ADS","C:\ProgramData\CyberLink\CLDShowX.ini:Update.CL:$DATA"
    File:"Unknown ADS","C:\ProgramData\CyberLink\PowerDVD\CLDShowX.ini:Update.CL:$DATA"
    File:"Unknown ADS","C:\ProgramData\Apple\Apple Application Support\kdrl:Win32App_1:$DATA"
    File:"Unknown ADS","C:\ProgramData\ABBYY\FineReaderSprint\9.00\Licenses:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\ABBYY FineReader 6.0 Sprint:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\ABBYY FineReader 9.0 Sprint:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Apple Software Update:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Bonjour:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\bttb:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\ePEN Scoring System:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Epson Software:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\IObit Apps Toolbar:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Microsoft CAPICOM 2.1.0.2:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Microsoft Office:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Microsoft SQL Server Compact Edition:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Microsoft Visual Studio 8:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Mozilla Firefox:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\MSBuild:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Safari:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Secure Speed Dial:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Spybot - Search & Destroy 2:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\TomTom HOME 2:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Windows Live:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Windows Phone:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Windows Live\Contacts:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Windows Live\Photo Gallery:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Windows Live\Shared:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Windows Live\SOXE:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Windows Live\Shared\en:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Windows Live\Photo Gallery\en:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Windows Live\Photo Gallery\Shared:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Windows Live\Installer\en:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\VideoLAN\VLC:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\TomTom International B.V\TomTom HOME Visual Studio Merge Modules:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Sony\Sony Image Data Suite:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Sony\Sony Picture Utility:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Skype\Toolbars:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Silabs\MCU\DriverUninstall:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Samsung\Kies:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\PC Camera\PC VGA Camera:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\NVIDIA Corporation\3D Vision:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\NVIDIA Corporation\LED Visualizer:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\NVIDIA Corporation\NetService:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\NVIDIA Corporation\PhysX:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\NVIDIA Corporation\Update Core:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Nero\Nero8:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Microsoft.NET\Primary Interop Assemblies:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Microsoft.NET\RedistList:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Microsoft Works\1033:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Microsoft Visual Studio\COMMON\IDE\IDE98:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Microsoft SQL Server Compact Edition\v3.1:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Microsoft Silverlight\5.1.41105.0:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Microsoft Office\Office12:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Microsoft Office\Office14:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Microsoft Office\Office12\1033:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Microsoft Office\Office12\1036:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Microsoft Office\Office12\3082:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Microsoft Office\Office12\1033\GrooveForms5\FormsStyles:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Microsoft ASP.NET\ASP.NET MVC 4\Assemblies:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\McAfee\SiteAdvisor:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Java\jre1.8.0_66:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Java\jre6\bin:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\iTunes\Mozilla Plugins:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\IObit\Advanced SystemCare:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\IObit\Classic Start:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\IObit\Driver Booster:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\IObit\iFreeUp:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\IObit\IObit Malware Fighter:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\IObit\IObit Uninstaller:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\IObit\Smart Defrag 4:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\IObit\Surfing Protection:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\InstallShield Installation Information\{48F22622-1CC2-4A83-9C1E-644DD96F832D}:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Google\Google Earth:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Google\Google Earth\plugin:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Google\Chrome\Application:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Focus-ES\Waves:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Epson Software\Download Navigator:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Epson Software\E-Web Print:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Epson Software\Easy Photo Print:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Epson Software\ECPrinterSetup:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Epson Software\Epson Printer Connection Checker:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Epson Software\Epson Manual\Launcher:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\epson\MyEpson Portal\Configration_00000171:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\epson\Creativity Suite\Common\AppInfo1\Event Manager:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\EASEUS\EASEUS Todo Backup 1.1:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\CyberLink\DVD Suite:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\CyberLink\LabelPrint:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\CyberLink\PowerBackup:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\CyberLink\PowerDVD:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Cucusoft\Ultimate-Converter:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Common Files\Adobe:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Common Files\Adobe AIR:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Common Files\DESIGNER:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Common Files\LightScribe:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Common Files\logishrd:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Common Files\Microsoft Shared:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Common Files\Nero:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Common Files\Skype:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Common Files\System\Ole DB:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Common Files\System\Ole DB\Resources\1033:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Common Files\System\MSMAPI\1033:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Common Files\Microsoft Shared\VC:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\Access.en-us:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\Excel.en-us:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\Groove.en-us:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\Office.en-us:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\Office64.en-us:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\Office64.WW:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\OneNote.en-us:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\Outlook.en-us:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\Project.en-us:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\Proofing.en-us:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\Publisher.en-us:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Common Files\logishrd\LWSPlugins\LWS:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Common Files\logishrd\LWSPlugins\LWS\Metadata:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Common Files\Java\Java Update:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Common Files\Apple\Apple Application Support:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Common Files\Apple\Internet Services:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Common Files\Apple\Mobile Device Support:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\WebKit:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Common Files\Adobe\ARM\1.0:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Citrix\GoToAssist\896:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Bonjour\Bonjour.Resources:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\ArcSoft\VideoImpression 2:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Adobe\Acrobat_com:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Adobe\Reader 11.0:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Adobe\Reader 11.0\Reader:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\ABBYY FineReader 9.0 Sprint\Support:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\Bonjour:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\iTunes:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\McAfee:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\Microsoft Silverlight:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\Windows XP Mode\Tutorial\Scripts:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\Realtek\Audio\HDA:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\NVIDIA Corporation\Control Panel Client:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\NVIDIA Corporation\NvStreamSrv:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\NVIDIA Corporation\ShadowPlay:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\NVIDIA Corporation\Uninstall:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\NVIDIA Corporation\Installer2\Display.Driver.{ACD13677-C8D1-4B5A-86BA-C363D6A647B0}:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\NVIDIA Corporation\Installer2\Display.NVIRUSB.{66839F53-9279-4E8A-9E4B-F90FF99B1029}:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\NVIDIA Corporation\Installer2\Display.Optimus.{2138CC0B-3642-4D7F-B6C7-C3440A5EEC18}:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\NVIDIA Corporation\Installer2\Display.Update.{CE213E88-4EFE-4B6D-B43D-6C6347993C51}:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\NVIDIA Corporation\Installer2\GfExperienceService.{16377FED-1FD1-4A33-8B18-2AB0AC07C136}:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\NVIDIA Corporation\Installer2\ShieldWirelessController.{471C8D3A-5D2E-4B9E-AF2E-EEB1106BC627}:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\NVIDIA Corporation\Installer2\VirtualAudio.Driver.{46723004-3CCC-4503-AB39-037E7C563600}:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\Microsoft Silverlight\5.1.41105.0:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\Microsoft Office\Office12:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\Microsoft Office\Office12\1033:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\iPod\bin\iPodService.Resources:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\Common Files\logishrd:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\Common Files\microsoft shared:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\Common Files\microsoft shared\DW:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\Common Files\microsoft shared\VC:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\Common Files\Apple\Apple Application Support:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\Common Files\Apple\CoreFP:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\Common Files\Apple\Internet Services:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\Common Files\Apple\Mobile Device Support:Win32App_1:$DATA"
    RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SYSTEM\CurrentControlSet\Services\ADOVMPPackage","Final"
    RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SYSTEM\ControlSet001\Services\ADOVMPPackage","Final"
    RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\Microsoft\Security Center\Svc","Upgrade"
    RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\Microsoft\InputMethod\Chs","DuState"
    Attached Files Attached Files
    Last edited by tashi; 2016-01-07 at 21:39. Reason: Moved from the malware forum. Copy pasted log into topic

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •