Thread: Are these legit, or Rootkits? Win 10

  1. #1
    Junior Member
    Join Date
    Jul 2016
    Posts
    1

    Are these legit, or Rootkits? Win 10

    Type: File
    Object: 00005109090090400000000000F01FEC:Win32App_1:$DATA
    Location: C:\Windows\Installer\$PatchCache$\Managed\
    Details: Unknown ADS

    Type: File
    Object: 000051091A0090400000000000F01FEC:Win32App_1:$DATA
    Location: C:\Windows\Installer\$PatchCache$\Managed\
    Details: Unknown ADS

    Type: File
    Object: 000051091E0090400000000000F01FEC:Win32App_1:$DATA
    Location: C:\Windows\Installer\$PatchCache$\Managed\
    Details: Unknown ADS

    Type: File
    Object: 000051092E0090400000000000F01FEC:Win32App_1:$DATA
    Location: C:\Windows\Installer\$PatchCache$\Managed\
    Details: Unknown ADS

    Type: File
    Object: 00005109440090400000000000F01FEC:Win32App_1:$DATA
    Location: C:\Windows\Installer\$PatchCache$\Managed\
    Details: Unknown ADS


    Type: File
    Object: 00005109510090400000000000F01FEC:Win32App_1:$DATA
    Location: C:\Windows\Installer\$PatchCache$\Managed\
    Details: Unknown ADS

    Type: File
    Object: 00005109511090400000000000F01FEC:Win32App_1:$DATA
    Location: C:\Windows\Installer\$PatchCache$\Managed\
    Details: Unknown ADS

    Type: File
    Object: 00005109610090400000000000F01FEC:Win32App_1:$DATA
    Location: C:\Windows\Installer\$PatchCache$\Managed\
    Details: Unknown ADS

    Type: File
    Object: 00005109611090400100000000F01FEC:Win32App_1:$DATA
    Location: C:\Windows\Installer\$PatchCache$\Managed\
    Details: Unknown ADS

    Type: File
    Object: 00005109711090400000000000F01FEC:Win32App_1:$DATA
    Location: C:\Windows\Installer\$PatchCache$\Managed\
    Details: Unknown ADS

    Type: File
    Object: 00005109810090400000000000F01FEC:Win32App_1:$DATA
    Location: C:\Windows\Installer\$PatchCache$\Managed\
    Details: Unknown ADS

    Type: File
    Object: 00005109910090400000000000F01FEC:Win32App_1:$DATA
    Location: C:\Windows\Installer\$PatchCache$\Managed\
    Details: Unknown ADS

    Type: File
    Object: 00005109A10090400000000000F01FEC:Win32App_1:$DATA
    Location: C:\Windows\Installer\$PatchCache$\Managed\
    Details: Unknown ADS

    Type: File
    Object: 00005109A20000000100000000F01FEC:Win32App_1:$DATA
    Location: C:\Windows\Installer\$PatchCache$\Managed\
    Details: Unknown ADS

    Type: File
    Object: 00005109A20090400100000000F01FEC:Win32App_1:$DATA
    Location: C:\Windows\Installer\$PatchCache$\Managed\
    Details: Unknown ADS

    Type: File
    Object: 00005109AB0090400000000000F01FEC:Win32App_1:$DATA
    Location: C:\Windows\Installer\$PatchCache$\Managed\
    Details: Unknown ADS

    Type: File
    Object: 00005109B10090400000000000F01FEC:Win32App_1:$DATA
    Location: C:\Windows\Installer\$PatchCache$\Managed\
    Details: Unknown ADS


    Type: File
    Object: 00005109B21090400000000000F01FEC:Win32App_1:$DATA
    Location: C:\Windows\Installer\$PatchCache$\Managed\
    Details: Unknown ADS

    Type: File
    Object: 00005109C20090400000000000F01FEC:Win32App_1:$DATA
    Location: C:\Windows\Installer\$PatchCache$\Managed\
    Details: Unknown ADS

    Type: File
    Object: 00005109E60090400000000000F01FEC:Win32App_1:$DATA
    Location: C:\Windows\Installer\$PatchCache$\Managed\
    Details: Unknown ADS

    Type: File
    Object: 00005109F10090400000000000F01FEC:Win32App_1:$DATA
    Location: C:\Windows\Installer\$PatchCache$\Managed\
    Details: Unknown ADS

    Type: File
    Object: 00005109F100A0C00000000000F01FEC:Win32App_1:$DATA
    Location: C:\Windows\Installer\$PatchCache$\Managed\
    Details: Unknown ADS

    Type: File
    Object: 00005109F100C0400000000000F01FEC:Win32App_1:$DATA
    Location: C:\Windows\Installer\$PatchCache$\Managed\
    Details: Unknown ADS

    Type: File
    Object: 00005119110000000000000000F01FEC:Win32App_1:$DATA
    Location: C:\Windows\Installer\$PatchCache$\Managed\
    Details: Unknown ADS

    Type: File
    Object: 1926E8D15D0BCE53481466615F760A7F:Win32App_1:$DATA
    Location: C:\Windows\Installer\$PatchCache$\Managed\
    Details: Unknown ADS

    Type: File
    Object: 1D5E3C0FEDA1E123187686FED06E995A:Win32App_1:$DATA
    Location: C:\Windows\Installer\$PatchCache$\Managed\
    Details: Unknown ADS

    Type: File
    Object: 2B7A37F2E05E6A93A9CBFE984E6CE263:Win32App_1:$DATA
    Location: C:\Windows\Installer\$PatchCache$\Managed\
    Details: Unknown ADS

    Type: File
    Object: 39103BDF0ADFAAD3CAAC7AE5FE5E6370:Win32App_1:$DATA
    Location: C:\Windows\Installer\$PatchCache$\Managed\
    Details: Unknown ADS

    Type: File
    Object: 6F9E66FF7E38E3A3FA41D89E8A906A4A:Win32App_1:$DATA
    Location: C:\Windows\Installer\$PatchCache$\Managed\
    Details: Unknown ADS

    Type: File
    Object: B8CF35CA81EEC9F3B9950639D7B081C2:Win32App_1:$DATA
    Location: C:\Windows\Installer\$PatchCache$\Managed\
    Details: Unknown ADS

    Type: File
    Object: BCA1BC2A2A49AB231AE5D70813F95798:Win32App_1:$DATA
    Location: C:\Windows\Installer\$PatchCache$\Managed\
    Details: Unknown ADS

    Type: File
    Object: E290642FB0AF8C74D9E3FCC81220398C:Win32App_1:$DATA
    Location: C:\Windows\Installer\$PatchCache$\Managed\
    Details: Unknown ADS

    Type: File
    Object: EFEE0228DC83E77358593193D847A0EC:Win32App_1:$DATA
    Location: C:\Windows\Installer\$PatchCache$\Managed\
    Details: Unknown ADS


    Type: File
    Object: Shop by Variety.htm:StreamedFileState:$DATA
    Location: C:\Users\SHADOW\AppData\Local\Temp\
    Details: Unknown ADS

    Type: File
    Object: regid.1991-06.com.microsoft:Win32App_1:$DATA
    Location: C:\ProgramData\
    Details: Unknown ADS

    Type: File
    Object: LayOut:Win32App_1:$DATA
    Location: C:\ProgramData\SketchUp\SketchUp 2014\
    Details: Unknown ADS

    Type: File
    Object: OFFICE:Win32App_1:$DATA
    Location: C:\ProgramData\Microsoft\
    Details: Unknown ADS

    Type: File
    Object: UICaptions:Win32App_1:$DATA
    Location: C:\ProgramData\Microsoft\OFFICE\
    Details: Unknown ADS

    Type: File
    Object: ATI Technologies:Win32App_1:$DATA
    Location: C:\Program Files (x86)\
    Details: Unknown ADS

    Type: File
    Object: Bethesda.net Launcher:Win32App_1:$DATA
    Location: C:\Program Files (x86)\
    Details: Unknown ADS

    Type: File
    Object: Malwarebytes Anti-Malware:Win32App_1:$DATA
    Location: C:\Program Files (x86)\
    Details: Unknown ADS

    Type: File
    Object: Microsoft Office:Win32App_1:$DATA
    Location: C:\Program Files (x86)\
    Details: Unknown ADS

    Type: File
    Object: Microsoft.NET:Win32App_1:$DATA
    Location: C:\Program Files (x86)\
    Details: Unknown ADS

    Type: File
    Object: VLC:Win32App_1:$DATA
    Location: C:\Program Files (x86)\VideoLAN\
    Details: Unknown ADS

    Type: File
    Object: Ubisoft Game Launcher:Win32App_1:$DATA
    Location: C:\Program Files (x86)\Ubisoft\
    Details: Unknown ADS

    Type: File
    Object: Start10:Win32App_1:$DATA
    Location: C:\Program Files (x86)\Stardock\
    Details: Unknown ADS

    Type: File
    Object: SketchUp 2014:Win32App_1:$DATA
    Location: C:\Program Files (x86)\SketchUp\
    Details: Unknown ADS

    Type: File
    Object: plugins:Win32App_1:$DATA
    Location: C:\Program Files (x86)\Mozilla Firefox\
    Details: Unknown ADS

    Type: File
    Object: Shared:Win32App_1:$DATA
    Location: C:\Program Files (x86)\Microsoft SQL Server\110\
    Details: Unknown ADS

    Type: File
    Object: Office15:Win32App_1:$DATA
    Location: C:\Program Files (x86)\Microsoft Office\
    Details: Unknown ADS

    Type: File
    Object: 1033:Win32App_1:$DATA
    Location: C:\Program Files (x86)\Microsoft Office\Office15\
    Details: Unknown ADS

    Type: File
    Object: DCF:Win32App_1:$DATA
    Location: C:\Program Files (x86)\Microsoft Office\Office15\
    Details: Unknown ADS

    Type: File
    Object: DataServices:Win32App_1:$DATA
    Location: C:\Program Files (x86)\Microsoft Office\Office15\1033\
    Details: Unknown ADS

    Type: File
    Object: Cartridges:Win32App_1:$DATA
    Location: C:\Program Files (x86)\Microsoft Analysis Services\AS OLEDB\110\
    Details: Unknown ADS

    Type: File
    Object: 1033:Win32App_1:$DATA
    Location: C:\Program Files (x86)\Microsoft Analysis Services\AS OLEDB\110\Resources\
    Details: Unknown ADS

    Type: File
    Object: WinX_YouTube_Downloader:Win32App_1:$DATA
    Location: C:\Program Files (x86)\Digiarty\
    Details: Unknown ADS

    Type: File
    Object: DESIGNER:Win32App_1:$DATA
    Location: C:\Program Files (x86)\Common Files\
    Details: Unknown ADS

    Type: File
    Object: Microsoft Shared:Win32App_1:$DATA
    Location: C:\Program Files (x86)\Common Files\
    Details: Unknown ADS

    Type: File
    Object: Ole DB:Win32App_1:$DATA
    Location: C:\Program Files (x86)\Common Files\System\
    Details: Unknown ADS

    Type: File
    Object: 1033:Win32App_1:$DATA
    Location: C:\Program Files (x86)\Common Files\System\MSMAPI\
    Details: Unknown ADS

    Type: File
    Object: OFFICE15:Win32App_1:$DATA
    Location: C:\Program Files (x86)\Common Files\Microsoft Shared\
    Details: Unknown ADS

    Type: File
    Object: VC:Win32App_1:$DATA
    Location: C:\Program Files (x86)\Common Files\Microsoft Shared\
    Details: Unknown ADS

    Type: File
    Object: Access.en-us:Win32App_1:$DATA
    Location: C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\Office Setup Controller\
    Details: Unknown ADS

    Type: File
    Object: DCF.en-us:Win32App_1:$DATA
    Location: C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\Office Setup Controller\
    Details: Unknown ADS

    Type: File
    Object: InfoPath.en-us:Win32App_1:$DATA
    Location: C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\Office Setup Controller\
    Details: Unknown ADS

    Type: File
    Object: Lync.en-us:Win32App_1:$DATA
    Location: C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\Office Setup Controller\
    Details: Unknown ADS

    Type: File
    Object: Office.en-us:Win32App_1:$DATA
    Location: C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\Office Setup Controller\
    Details: Unknown ADS

    Type: File
    Object: Office64.en-us:Win32App_1:$DATA
    Location: C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\Office Setup Controller\
    Details: Unknown ADS

    Type: File
    Object: OneNote.en-us:Win32App_1:$DATA
    Location: C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\Office Setup Controller\
    Details: Unknown ADS

    Type: File
    Object: OSM.en-us:Win32App_1:$DATA
    Location: C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\Office Setup Controller\
    Details: Unknown ADS

    Type: File
    Object: Outlook.en-us:Win32App_1:$DATA
    Location: C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\Office Setup Controller\
    Details: Unknown ADS

    Type: File
    Object: Proofing.en-us:Win32App_1:$DATA
    Location: C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\Office Setup Controller\
    Details: Unknown ADS

    Type: File
    Object: Publisher.en-us:Win32App_1:$DATA
    Location: C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\Office Setup Controller\
    Details: Unknown ADS

    Type: File
    Object: Core-Static:Win32App_1:$DATA
    Location: C:\Program Files (x86)\ATI Technologies\ATI.ACE\
    Details: Unknown ADS

    Type: File
    Object: Welcome:Win32App_1:$DATA
    Location: C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\
    Details: Unknown ADS

    Type: File
    Object: ATK Package:Win32App_1:$DATA
    Location: C:\Program Files (x86)\ASUS\
    Details: Unknown ADS

    Type: File
    Object: ATI Technologies:Win32App_1:$DATA
    Location: C:\Program Files\
    Details: Unknown ADS

    Type: File
    Object: HDA:Win32App_1:$DATA
    Location: C:\Program Files\Realtek\Audio\
    Details: Unknown ADS

    Type: File
    Object: 1033:Win32App_1:$DATA
    Location: C:\Program Files\Microsoft Office\Office15\
    Details: Unknown ADS

    Type: File
    Object: OneNote:Win32App_1:$DATA
    Location: C:\Program Files\Microsoft Office\Office15\
    Details: Unknown ADS

    Type: File
    Object: microsoft shared:Win32App_1:$DATA
    Location: C:\Program Files\Common Files\
    Details: Unknown ADS

    Type: File
    Object: VC:Win32App_1:$DATA
    Location: C:\Program Files\Common Files\microsoft shared\
    Details: Unknown ADS

    Type: File
    Object: 10.0:Win32App_1:$DATA
    Location: C:\Program Files\Common Files\microsoft shared\VSTO\
    Details: Unknown ADS

    Type: File
    Object: 1033:Win32App_1:$DATA
    Location: C:\Program Files\Common Files\microsoft shared\VSTO\10.0\
    Details: Unknown ADS

    Type: File
    Object: Fuel:Win32App_1:$DATA
    Location: C:\Program Files\ATI Technologies\ATI.ACE\
    Details: Unknown ADS

    I deleted all of these BELOW IN RED, but will include them.

    Type: Key
    Object: Svc
    Location: HKLM\SOFTWARE\Wow6432Node\Microsoft\Security Center\
    Details: No admin in ACL

    Type: Key
    Object: Upgrade
    Location: HKLM\SOFTWARE\Wow6432Node\Microsoft\Security Center\Svc\
    Details: No admin in ACL

    Type: Key
    Object: DuState
    Location: HKLM\SOFTWARE\Wow6432Node\Microsoft\InputMethod\Chs\
    Details: No admin in ACL

    Type: Key
    Object: Upgrade
    Location: HKLM\SOFTWARE\Microsoft\Security Center\Svc\
    Details: No admin in ACL

    Type: Key
    Object: DuState
    Location: HKLM\SOFTWARE\Microsoft\InputMethod\Chs\
    Details: No admin in ACL

    As you can see, that's a lot of hits.
    Last edited by tashi; 2016-07-04 at 06:09. Reason: Split off to own topic :-)
