Thread: help request for RootKit scan results

  1. #1
    Junior Member
    Join Date
    Mar 2016
    Posts
    2

    Hey there. For the last couple of days my laptop has been giving me problems, especially when it comes to going online. It says it's connected to the internet but then can't get online or load anything. I tried both with my Wi-Fi and LAN connection, and it's just my PC, since my sister's and dad's work just fine. I figured it must be malware blocking my internet access.

    I'm running Windows 10 Pro 64-bit, and I use Avast antivirus, Malwarebytes and Spybot for scanning my laptop. So, earlier, I ran the deep rootkit scan, but since this is like my second time using it I'd like some help to read it. I'm not sure, most of these seem to be false positives. I know not all items found by the RootAlyzer are necessarily malicious, but then what can explain the connection problem?

    Here is my log:

    // info: Rootkit removal help file
    // copyright: (c) 2008-2016 Safer-Networking Ltd. All rights reserved.

    :: RootAlyzer Results
    File:"Unknown ADS","C:\The KMPlayer:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\000021599B0090400100000000F01FEC:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\000041091A0001400000000000F01FEC:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\00004109440001400000000000F01FEC:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\00004109510001400000000000F01FEC:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\00004109610001400000000000F01FEC:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\00004109810001400000000000F01FEC:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\00004109910001400000000000F01FEC:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\00004109A10001400000000000F01FEC:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\00004109A20000000100000000F01FEC:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\00004109A20001400100000000F01FEC:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\00004109AB0001400000000000F01FEC:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\00004109B10001400000000000F01FEC:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\00004109C20001400000000000F01FEC:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\00004109E60001400000000000F01FEC:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\00004109F10001400000000000F01FEC:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\00004109F10070400000000000F01FEC:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\00004109F10090400000000000F01FEC:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\00004109F100C0400000000000F01FEC:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\1007C6B46D7C017319E3B52CF3EC196E:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\1735F6DB1CAD0F03D9EDAC6C97E1823C:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\1926E8D15D0BCE53481466615F760A7F:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\1D5E3C0FEDA1E123187686FED06E995A:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\52744B0D6663D294EB6F85A741DBB99D:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744BA0000000010:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\8765D471149DC334DB32855A7C0B3DD6:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\91785D291CBB3CC40AB8659C8E48CCC2:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\A6C64DD86500CEF47BA082BB611A1FF1:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\A7C639EE04AE5D13B956E8E380C98382:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\c1c4f01781cc94c4c8fb1542c0981a2a:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\CFD2C1F142D260E3CB8B271543DA9F98:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\D7314F9862C648A4DB8BE2A5B47BE100:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\DDA39468D428E8B4DB27C8D5DC5CA217:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\E1810453A043A7E44B90136643272B7F:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\E530C18D5A0DFD11490500313D6D9992:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\E5A3BD428CB05E11A9720FD42AA3C585:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\EDBC8B2C23253E114B490FD42AA3C585:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\EDC91C33539E0E110AAD0FD42AA3C585:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\EEA24505DB67DCB48A092EFFD4E450A1:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\EFEE0228DC83E77358593193D847A0EC:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\FCCE9AF7ED2A1AD4FB3F1862D0DB6AF8:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Users\Rita\Videos\effect\effects\Blender Explosion.avi:TOC.WMV:$DATA"
    File:"Unknown ADS","C:\Users\Rita\Videos\effect\effects\Bokeh.mpg:TOC.WMV:$DATA"
    File:"Unknown ADS","C:\Users\Rita\Pictures\v's pics\The Veronicas - 4Ever (Live @ NRL Grand Final 02-10-05).avi:TOC.WMV:$DATA"
    File:"Unknown ADS","C:\Users\Rita\Pictures\v's pics\Interview - 08.20.08 (TRL) - VideoMan.mpg:TOC.WMV:$DATA"
    File:"Unknown ADS","C:\Users\Rita\Pictures\v's pics\video.mp4:TOC.WMV:$DATA"
    File:"Unknown ADS","C:\Users\Rita\Pictures\Leo & Nim the best\Immagine 701.avi:TOC.WMV:$DATA"
    File:"Unknown ADS","C:\Users\Rita\Pictures\Leo & Nim the best\Immagine 722.avi:TOC.WMV:$DATA"
    File:"Unknown ADS","C:\Users\Rita\Pictures\Leo & Nim the best\Immagine 902.avi:TOC.WMV:$DATA"
    File:"Unknown ADS","C:\Users\Rita\Pictures\Leo & Nim the best\leo.AVI:TOC.WMV:$DATA"
    File:"Unknown ADS","C:\Users\Rita\Pictures\personali\162.AVI:TOC.WMV:$DATA"
    File:"Unknown ADS","C:\Users\Rita\Pictures\personali\DSCF0456.AVI:TOC.WMV:$DATA"
    File:"Unknown ADS","C:\Users\Rita\Pictures\personali\DSCN0538.AVI:TOC.WMV:$DATA"
    File:"Unknown ADS","C:\Users\Rita\Pictures\personali\DSCN0539.AVI:TOC.WMV:$DATA"
    File:"Unknown ADS","C:\Users\Rita\Pictures\personali\DSCN0540.AVI:TOC.WMV:$DATA"
    File:"Unknown ADS","C:\Users\Rita\Pictures\personali\DSCN0541.AVI:TOC.WMV:$DATA"
    File:"Unknown ADS","C:\Users\Rita\Pictures\personali\DSCN0619.AVI:TOC.WMV:$DATA"
    File:"Unknown ADS","C:\Users\Rita\Pictures\personali\immagine 462.avi:TOC.WMV:$DATA"
    File:"Unknown ADS","C:\Users\Rita\Pictures\personali\immagine 463.avi:TOC.WMV:$DATA"
    File:"Unknown ADS","C:\Users\Rita\Pictures\personali\immagine 464.avi:TOC.WMV:$DATA"
    File:"Unknown ADS","C:\Users\Rita\Pictures\personali\immagine 465.avi:TOC.WMV:$DATA"
    File:"Unknown ADS","C:\Users\Rita\Pictures\personali\immagine 467.avi:TOC.WMV:$DATA"
    File:"Unknown ADS","C:\Users\Rita\Pictures\personali\Immagine 833.avi:TOC.WMV:$DATA"
    File:"Unknown ADS","C:\Users\Rita\Pictures\personali\Immagine 858.avi:TOC.WMV:$DATA"
    File:"Unknown ADS","C:\Users\Rita\Pictures\personali\Immagine 897.avi:TOC.WMV:$DATA"
    File:"Unknown ADS","C:\Users\Rita\Pictures\personali\Immagine 903.avi:TOC.WMV:$DATA"
    File:"Unknown ADS","C:\Users\Rita\Pictures\personali\Immagine 904.avi:TOC.WMV:$DATA"
    File:"Unknown ADS","C:\Users\Rita\Pictures\personali\Immagine 905.avi:TOC.WMV:$DATA"
    File:"Unknown ADS","C:\Users\Rita\Pictures\personali\Immagine 906.avi:TOC.WMV:$DATA"
    File:"Unknown ADS","C:\Users\Rita\Pictures\personali\Immagine 907.avi:TOC.WMV:$DATA"
    File:"Unknown ADS","C:\Users\Rita\Pictures\personali\Immagine 909.avi:TOC.WMV:$DATA"
    File:"Unknown ADS","C:\Users\Rita\Pictures\personali\MVI_0294.AVI:TOC.WMV:$DATA"
    File:"Unknown ADS","C:\Users\Rita\Pictures\personali\MVI_5543.AVI:TOC.WMV:$DATA"
    File:"Unknown ADS","C:\Users\Rita\Pictures\personali\MVI_5545.AVI:TOC.WMV:$DATA"
    File:"Unknown ADS","C:\Users\Rita\Pictures\personali\MVI_5547.AVI:TOC.WMV:$DATA"
    File:"Unknown ADS","C:\Users\Rita\Pictures\personali\MVI_6868.AVI:TOC.WMV:$DATA"
    File:"Unknown ADS","C:\Users\Rita\Pictures\personali\MVI_6869.AVI:TOC.WMV:$DATA"
    File:"Unknown ADS","C:\Users\Rita\Pictures\personali\MVI_6954.AVI:TOC.WMV:$DATA"
    File:"Unknown ADS","C:\Users\Rita\Pictures\personali\trl (10).avi:TOC.WMV:$DATA"
    File:"Unknown ADS","C:\Users\Rita\Pictures\personali\trl (11).avi:TOC.WMV:$DATA"
    File:"Unknown ADS","C:\Users\Rita\Pictures\personali\trl (12).avi:TOC.WMV:$DATA"
    File:"Unknown ADS","C:\Users\Rita\Pictures\personali\trl (14).avi:TOC.WMV:$DATA"
    File:"Unknown ADS","C:\Users\Rita\Pictures\personali\trl (15).avi:TOC.WMV:$DATA"
    File:"Unknown ADS","C:\Users\Rita\Pictures\personali\trl (16).avi:TOC.WMV:$DATA"
    File:"Unknown ADS","C:\Users\Rita\Pictures\personali\trl (7).avi:TOC.WMV:$DATA"
    File:"Unknown ADS","C:\Users\Rita\Pictures\foto personali\trl (8).avi:TOC.WMV:$DATA"
    File:"Unknown ADS","C:\Users\Rita\Pictures\personali\trl (9).avi:TOC.WMV:$DATA"
    File:"Unknown ADS","C:\Users\Rita\Pictures\personali\miragica 22 agosto\MVI_7108.AVI:TOC.WMV:$DATA"
    File:"Unknown ADS","C:\Users\Rita\Pictures\personali\miragica 22 agosto\MVI_7133.AVI:TOC.WMV:$DATA"
    File:"Unknown ADS","C:\Users\Rita\Pictures\personali\miragica 22 agosto\MVI_7134.AVI:TOC.WMV:$DATA"
    File:"Unknown ADS","C:\Users\Rita\Pictures\personali\miragica 22 agosto\MVI_7163.AVI:TOC.WMV:$DATA"
    File:"Unknown ADS","C:\Users\Rita\Pictures\personali\miragica 22 agosto\MVI_7165.AVI:TOC.WMV:$DATA"
    File:"Unknown ADS","C:\Users\Rita\Pictures\personali\irlanda\MVI_5783.AVI:TOC.WMV:$DATA"
    File:"Unknown ADS","C:\ProgramData\ZDSupport\ZDServ:Win32App_1:$DATA"
    File:"Unknown ADS","C:\ProgramData\TechSmith\Camtasia Studio\Library 2.0:Win32App_1:$DATA"
    File:"Unknown ADS","C:\ProgramData\SRS Labs\APO:Win32App_1:$DATA"
    File:"Unknown ADS","C:\ProgramData\Microsoft\OFFICE:Win32App_1:$DATA"
    File:"Unknown ADS","C:\ProgramData\Microsoft\OFFICE\UICaptions:Win32App_1:$DATA"
    File:"Unknown ADS","C:\ProgramData\Microsoft\IdentityCRL\production:Win32App_1:$DATA"
    File:"Unknown ADS","C:\ProgramData\Apple\Apple Application Support\kdrl:Win32App_1:$DATA"
    File:"Unknown ADS","C:\ProgramData\Adobe\Adobe PDF:Win32App_1:$DATA"
    File:"Unknown ADS","C:\ProgramData\ABBYY\Retail.ScreenshotReader\9.00\Licenses:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\ABBYY Screenshot Reader:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Adobe:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\AmIcoSingLun:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Apple Software Update:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Bonjour:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Malwarebytes Anti-Malware:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Microsoft Office:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Microsoft Silverlight:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Microsoft SQL Server Compact Edition:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Mozilla Firefox:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Realtek WLAN Driver:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Spybot - Search & Destroy 2:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Toshiba TEMPRO:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Windows Live:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\ZTEMobileBroadbandDeviceDrivers:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Wondershare\Dr.Fone per Android:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Wise\Wise Registry Cleaner:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Windows Sidebar\Shared Gadgets\Power Consumption Meter Eco.Gadget:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Windows Live\Contacts:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Windows Live\Mail:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Windows Live\Photo Gallery:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Windows Live\Shared:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Windows Live\SOXE:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Windows Live\Writer:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Windows Live\Shared\en:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Windows Live\Shared\it:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Windows Live\Photo Gallery\en:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Windows Live\Photo Gallery\it:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Windows Live\Photo Gallery\Shared:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Windows Live\Installer\en:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Windows Live\Installer\it:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\VS Revo Group\Revo Uninstaller:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\VideoLAN\VLC:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Toshiba\Manuals:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Toshiba\PCDiag:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Toshiba\TOSHIBA Disc Creator:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Toshiba\TOSHIBA Service Station:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Toshiba\TOSHIBA Web Camera Application:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Toshiba\TOSHIBA Web Camera Application\Help:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Toshiba\TOSHIBA Disc Creator\Help:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\TechSmith\Camtasia Studio 8:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Sony\Shared Plug-Ins:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\QuickTime\QTComponents:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Microsoft.NET\Primary Interop Assemblies:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Microsoft.NET\RedistList:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Microsoft Synchronization Services\ADO.NET\v1.0:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Microsoft SQL Server Compact Edition\v3.1:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Microsoft SQL Server Compact Edition\v3.5:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Microsoft Office\Office14:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Microsoft Office\Office14\1040:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Microsoft Analysis Services\AS OLEDB\10\Cartridges:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Microsoft Analysis Services\AS OLEDB\10\Resources\1040:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Jasc Software Inc\Animation Shop 3:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\iTunes\Mozilla Plugins:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Intel\iCLS Client:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Intel\Intel(R) Management Engine Components:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Intel\Intel(R) Processor Graphics:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Intel\OpenCL SDK\2.0:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\iDealshare\VideoGo 6:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Google\Chrome\Application:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Faasoft\Video Converter:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\DTS, Inc\DTS Studio Sound:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Dropbox\Client:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Common Files\Adobe:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Common Files\DESIGNER:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Common Files\Microsoft Shared:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Common Files\Skype:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Common Files\TechSmith Shared\iZotope:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Common Files\System\Ole DB:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Common Files\System\Ole DB\resources\1040:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Common Files\Microsoft Shared\VC:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Common Files\Microsoft Shared\VSTO\10.0\1040:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Common Files\Microsoft Shared\VC\amd64:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Excel.it-it:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Groove.it-it:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\InfoPath.it-it:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\OneNote.it-it:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Outlook.it-it:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Proofing.it-it:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Publisher.it-it:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Common Files\Apple\Apple Application Support:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Common Files\Apple\Mobile Device Support:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Common Files\Adobe\ARM\1.0:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Bonjour\Bonjour.Resources:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Adobe\Reader 11.0:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Adobe\Update Management Tool:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Adobe\Reader 11.0\Reader:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\Adobe:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\Bonjour:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\CCleaner:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\iTunes:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\Microsoft Silverlight:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\PlayReady:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\TOSHIBA:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\WinRAR:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\Windows Sidebar\Shared Gadgets\Power Consumption Meter Eco.Gadget:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\Windows Live\Mail:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\TOSHIBA\TECO:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\TOSHIBA\TOSHIBA Disc Creator:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\TOSHIBA\TOSHIBA Recovery Media Creator:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\TOSHIBA\TOSHIBAValueAddedPackage:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\TOSHIBA\TPHM:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\TOSHIBA\Utilities:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\Sony\Vegas Pro 13.0:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\Sony\Vegas Pro 13.0\Readme:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\Microsoft Silverlight\5.1.50901.0:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\Microsoft Office\Office14:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\Microsoft Office\Office14\1040:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\iPod\bin\iPodService.Resources:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\Intel\iCLS Client:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\Intel\Intel(R) Rapid Storage Technology:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\Intel\Intel(R) Rapid Storage Technology\Lang:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\IDT\WDM:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\Common Files\microsoft shared:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\Common Files\microsoft shared\DW:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\Common Files\microsoft shared\VC:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\Common Files\microsoft shared\VSTO\10.0:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\Common Files\microsoft shared\VSTO\10.0\1033:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\Common Files\microsoft shared\VSTO\10.0\1040:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\Common Files\Apple\Apple Application Support:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\Common Files\Apple\CoreFP:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\Common Files\Apple\Mobile Device Support:Win32App_1:$DATA"
    RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\WOW6432Node\Microsoft\Security Center","Svc"
    RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\WOW6432Node\Microsoft\Security Center\Svc","Upgrade"
    RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\WOW6432Node\Microsoft\InputMethod\Chs","DuState"
    RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\Microsoft\Security Center\Svc","Upgrade"
    RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\Microsoft\InputMethod\Chs","DuState"


    Most of them come from safe software, or so I think, and the ones in the Pictures folder are super old videos. The ones I bolded were red flagged though. What can you guys tell me? Btw I'm not a native English speaker, so bear with me!

  2. #2
    tashi (Member of Team Spybot)
    Join Date
    Oct 2005
    Location
    USA
    Posts
    30,955

    Hello ritax,

    I see you posted back in March: https://forums.spybot.info/showthrea...lts&highlight=

    There can be many reasons for connection issues, not necessarily caused by malware.

    It might be best for someone to take a look at the system. Please see the Malware Removal Forum sticky, which includes guidelines and instructions in post #2 on how to provide the logs from Farbar Recovery Scan Tool and aswMBR, which are the logs used in the preliminary analysis.

    http://forums.spybot.info/showthread.php?t=288

    Then start a new topic in that forum providing the logs so a volunteer analyst can assist. Also provide a link back to this thread, please.

    If you cannot produce the logs, please start a new topic anyway and let them know this.

    Best regards.
    Microsoft MVP Reconnect 2018-
    Windows Insider MVP 2016-2018
    Microsoft Consumer Security MVP 2006-2016
