
Thread: Rootkit scan results

  1. #1
    Junior Member
    Join Date
    Apr 2016
    Posts
    2


    I'm running Windows 10 and was concerned about a possible virus or malware, so I ran the deep rootkit scan. The only problem I've been having is that my Firefox is blocking pop-up ads from nearly every site I visit. As I work from my computer, I wanted to make sure that there wasn't anything showing up here that could end up being problematic. I'm also using Ad-Aware and Malwarebytes. Thank you for your time.



    // info: Rootkit removal help file
    // copyright: (c) 2008-2016 Safer-Networking Ltd. All rights reserved.

    :: RootAlyzer Results
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\3e43b73803c7c394f8a6b2f0402e19c2:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744CAF070E41400:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\C2A84DA2D51A7B7429262463E7EDE86D:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\CFD2C1F142D260E3CB8B271543DA9F98:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\D04BB691875110D32B98EBCF771AA1E1:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\D20352A90C039D93DBF6126ECE614057:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\D7314F9862C648A4DB8BE2A5B47BE100:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Users\Matt\Documents\Mabinogi\Cache\0:L7AL@mabius1.tmp:$DATA"
    File:"Unknown ADS","C:\ProgramData\regid.1991-06.com.microsoft:Win32App_1:$DATA"
    File:"Unknown ADS","C:\ProgramData\NexonUS\NGM:Win32App_1:$DATA"
    File:"Unknown ADS","C:\ProgramData\Lenovo\UserGuide:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Intel Driver Update Utility:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Malwarebytes Anti-Malware:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Mozilla Firefox:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Realtek:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\REALTEK PCIE Wireless LAN Driver:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Spybot - Search & Destroy 2:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\SystemRequirementsLab:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Yahoo!\yset\{38CE94B3-6F0D-314E-8BAE-E5C84BE186CF}:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Realtek\Realtek Windows NIC Driver:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Razer\Razer Game Booster:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Microsoft Office\Office15:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Lenovo\Driver & Application Auto-installation:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Lenovo\LenovoPortal:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Lenovo\MetricCollectionSDK:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Lenovo\MetricCollectionSDK35:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Lenovo\Power2Go:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Lenovo\PowerDVD12:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Lenovo\REACHit:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Lenovo\SHAREit:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Lenovo\PowerDVD12\Common\MUI:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Java\jre1.8.0_77:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\IObit\IObit Malware Fighter:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\IObit\Surfing Protection:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Intel\iCLS Client:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Intel\Intel(R) Management Engine Components:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Intel\Intel(R) Processor Graphics:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Intel\Intel(R) Security Assist:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\Lang:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Common Files\Adobe:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Common Files\Skype:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Common Files\PostureAgent\plugins\install:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Common Files\Microsoft Shared\VC:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Common Files\Java\Java Update:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Common Files\Adobe\ARM\1.0:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Cisco\Cisco EAP-FAST Module:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Cisco\Cisco LEAP Module:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Cisco\Cisco PEAP Module:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Cisco\Cisco PEAP Module\en-US:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Cisco\Cisco LEAP Module\en-US:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Cisco\Cisco EAP-FAST Module\en-US:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Adobe\Acrobat Reader DC:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\CCleaner:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\WinRAR:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\Realtek\Audio\HDA:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\Microsoft Silverlight\5.1.41212.0:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\Lenovo\ImController:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\Lenovo\Lenovo Solution Center:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\Lenovo\OneKey App\Lenovo Rescue System:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\Lavasoft\Ad-Aware Antivirus\Online Threats Engine\3.0.1.23:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\Lavasoft\Ad-Aware Antivirus\Firewall Engine\1.6.0.0:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\Lavasoft\Ad-Aware Antivirus\AVC Engine\3.11.12293.0:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\Lavasoft\Ad-Aware Antivirus\Antispam Engine\2.4.4244.0:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\Lavasoft\Ad-Aware Antivirus\Antimalware Engine\3.0.99.0:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\Intel\iCLS Client:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\Intel\Intel(R) Chipset Device Software:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\Intel\Intel(R) Management Engine Components:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\Intel\Intel(R) Rapid Storage Technology:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\Common Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus Updater\11.10.767.8917:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Nexon\Mabinogi\Client.exe:AGC:$DATA"
    File:"Unknown ADS","C:\Nexon\Mabinogi\PowerPatcher.exe:AGC:$DATA"
    RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\Microsoft\Security Center\Svc","Upgrade"
    RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\Microsoft\InputMethod\Chs","DuState"
    Last edited by kballer; 2016-04-12 at 15:26.

  2. #2
    tashi (Member of Team Spybot)
    Join Date
    Oct 2005
    Location
    USA
    Posts
    30,465


    Hello kballer,

    Your log isn't giving any flags; it is doubtful browser popups would be caused by a rootkit.

    Has your anti-virus given an alert?

    What is the operating system, please?

    "I work from my computer"
    Would that be in a business environment, or a personal computer also used for work?

    Best regards.
    Microsoft MVP Reconnect 2018-
    Windows Insider MVP 2016-2018
    Microsoft Consumer Security MVP 2006-2016

  3. #3
    Junior Member
    Join Date
    Apr 2016
    Posts
    2

    Thanks for the quick response. My anti-virus hasn't shown anything. I'm using Windows 10, and it's a personal computer also used for work. Thanks again for your time!

  4. #4
    tashi (Member of Team Spybot)
    Join Date
    Oct 2005
    Location
    USA
    Posts
    30,465


    Hi kballer,

    If you'd like someone to take a look at the system and see if they can find the source of the popups you can start a topic in the Malware Removal Forum and a volunteer analyst will advise.

    See that forum's FAQ which provides instructions in post #2 on how to provide the logs from Farbar Recovery Scan Tool and aswMBR, which are the logs used in the preliminary analysis.

    ----> Before you post the Farbar Recovery Scan Tool and aswMBR logs

    If you provide a link back to this topic it will give helpers a heads up.

    Best regards.
