Thread: Rootkit analyzer results, am I okay you think

  1. #1
    Junior Member
    Join Date
    Apr 2015
    Posts
    1

    Rootkit analyzer results, am I okay you think

    // info: Rootkit removal help file
    // copyright: (c) 2008-2016 Safer-Networking Ltd. All rights reserved.

    :: RootAlyzer Results

  2. #2
    Member of Team Spybot tashi's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    30,955

    Hello blowt1,

    The RootAlyzer is an analyst tool; in general, all items found are not necessarily malicious.

    Sometimes even legitimate software uses rootkit technologies.

    How is the computer running? Did you have a particular reason for running the rootkit scan?

    Best regards.
    Microsoft MVP Reconnect 2018-
    Windows Insider MVP 2016-2018
    Microsoft Consumer Security MVP 2006-2016
