Rootkit Scan Log

dcomlekci

New member
Hello, my internet has problems and I did everything to solve it, but I'm still having this problem, so I wanted to take a closer look at my system with the Spybot free version. This is the result of the RootAlyzer:

// info: Rootkit removal help file
// copyright: (c) 2008-2016 Safer-Networking Ltd. All rights reserved.

:: RootAlyzer Results
File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\00005109090090400100000000F01FEC:Win32App_1:$DATA"
File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\00005109110000000100000000F01FEC:Win32App_1:$DATA"
File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\000051091A0090400100000000F01FEC:Win32App_1:$DATA"
File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\000051091C0000000100000000F01FEC:Win32App_1:$DATA"
File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\000051091C0090400100000000F01FEC:Win32App_1:$DATA"
File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\000051091E0090400100000000F01FEC:Win32App_1:$DATA"
File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\000051092E0090400100000000F01FEC:Win32App_1:$DATA"
File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\00005109440090400100000000F01FEC:Win32App_1:$DATA"
File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\00005109510090400100000000F01FEC:Win32App_1:$DATA"
File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\00005109511090400100000000F01FEC:Win32App_1:$DATA"
File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\00005109610090400100000000F01FEC:Win32App_1:$DATA"
File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\00005109711090400100000000F01FEC:Win32App_1:$DATA"
File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\00005109810090400100000000F01FEC:Win32App_1:$DATA"
File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\00005109910090400100000000F01FEC:Win32App_1:$DATA"
File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\00005109A10090400100000000F01FEC:Win32App_1:$DATA"
File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\00005109AB0090400100000000F01FEC:Win32App_1:$DATA"
File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\00005109B10090400100000000F01FEC:Win32App_1:$DATA"
File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\00005109B21090400100000000F01FEC:Win32App_1:$DATA"
File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\00005109C20090400100000000F01FEC:Win32App_1:$DATA"
File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\00005109E60090400100000000F01FEC:Win32App_1:$DATA"
File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\00005109F10090400100000000F01FEC:Win32App_1:$DATA"
File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\00005109F100A0C00100000000F01FEC:Win32App_1:$DATA"
File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\00005109F100C0400100000000F01FEC:Win32App_1:$DATA"
File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\1007C6B46D7C017319E3B52CF3EC196E:Win32App_1:$DATA"
File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\126E7DB51979F9D46A02B15A11357B94:Win32App_1:$DATA"
File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\1926E8D15D0BCE53481466615F760A7F:Win32App_1:$DATA"
File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\1D5E3C0FEDA1E123187686FED06E995A:Win32App_1:$DATA"
File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\57DB95FFA664A5D4DA32AA8DC7F54DC4:Win32App_1:$DATA"
File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\5A440F64B8EC691489E4B56D25E563D1:Win32App_1:$DATA"
File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\6A6823D4BA6FA894284A4E0F0425F9D3:Win32App_1:$DATA"
File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\91785D291CBB3CC40AB8659C8E48CCC2:Win32App_1:$DATA"
File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\CFD2C1F142D260E3CB8B271543DA9F98:Win32App_1:$DATA"
File:"Unknown ADS","C:\Users\asus\AppData\Local:0BXWJFZl4Nun3UM2MNg8JoX:$DATA"
File:"Unknown ADS","C:\Users\asus\AppData\Local\Microsoft\Windows\INetCookies:409EGDZQ25QTxPvLzhsf5:$DATA"
File:"Unknown ADS","C:\Users\asus\AppData\Local\Microsoft\Windows\INetCookies:TzX7KHxxSg372P960f0JvY9WE:$DATA"
File:"Unknown ADS","C:\ProgramData\regid.1991-06.com.microsoft:Win32App_1:$DATA"
File:"Unknown ADS","C:\ProgramData\Microsoft\OFFICE:Win32App_1:$DATA"
File:"Unknown ADS","C:\ProgramData\Microsoft\OFFICE\UICaptions:Win32App_1:$DATA"
File:"No admin in ACL","C:\ProgramData\McAfee\Proxy\data"
File:"Unknown ADS","C:\ProgramData\Adobe\Adobe PDF:Win32App_1:$DATA"
File:"Unknown ADS","C:\Program Files (x86)\Adobe:Win32App_1:$DATA"
File:"Unknown ADS","C:\Program Files (x86)\Apple Software Update:Win32App_1:$DATA"
File:"Unknown ADS","C:\Program Files (x86)\Malwarebytes Anti-Malware:Win32App_1:$DATA"
File:"Unknown ADS","C:\Program Files (x86)\Microsoft.NET:Win32App_1:$DATA"
File:"Unknown ADS","C:\Program Files (x86)\QuickTime:Win32App_1:$DATA"
File:"Unknown ADS","C:\Program Files (x86)\REALTEK PCIE Wireless LAN Driver:Win32App_1:$DATA"
File:"Unknown ADS","C:\Program Files (x86)\Shutter:Win32App_1:$DATA"
File:"Unknown ADS","C:\Program Files (x86)\Realtek\NICDRV_8169:Win32App_1:$DATA"
File:"Unknown ADS","C:\Program Files (x86)\Realtek\Realtek Card Reader:Win32App_1:$DATA"
File:"Unknown ADS","C:\Program Files (x86)\NVIDIA Corporation\LED Visualizer:Win32App_1:$DATA"
File:"Unknown ADS","C:\Program Files (x86)\NVIDIA Corporation\NetService:Win32App_1:$DATA"
File:"Unknown ADS","C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience:Win32App_1:$DATA"
File:"Unknown ADS","C:\Program Files (x86)\NVIDIA Corporation\PhysX:Win32App_1:$DATA"
File:"Unknown ADS","C:\Program Files (x86)\NVIDIA Corporation\Update Core:Win32App_1:$DATA"
File:"Unknown ADS","C:\Program Files (x86)\My Company Name\My Product Name:Win32App_1:$DATA"
File:"Unknown ADS","C:\Program Files (x86)\Mozilla Firefox\plugins:Win32App_1:$DATA"
File:"Unknown ADS","C:\Program Files (x86)\Microsoft SQL Server\110\Shared:Win32App_1:$DATA"
File:"Unknown ADS","C:\Program Files (x86)\Microsoft Office\Office15:Win32App_1:$DATA"
File:"Unknown ADS","C:\Program Files (x86)\Microsoft Office\Office15\1033:Win32App_1:$DATA"
File:"Unknown ADS","C:\Program Files (x86)\Microsoft Office\Office15\DCF:Win32App_1:$DATA"
File:"Unknown ADS","C:\Program Files (x86)\Microsoft ASP.NET\ASP.NET MVC 4\Assemblies:Win32App_1:$DATA"
File:"Unknown ADS","C:\Program Files (x86)\Microsoft Analysis Services\AS OLEDB\110\Cartridges:Win32App_1:$DATA"
File:"Unknown ADS","C:\Program Files (x86)\Microsoft Analysis Services\AS OLEDB\110\Resources\1033:Win32App_1:$DATA"
File:"Unknown ADS","C:\Program Files (x86)\McAfee\SiteAdvisor:Win32App_1:$DATA"
File:"Unknown ADS","C:\Program Files (x86)\Intel\iCLS Client:Win32App_1:$DATA"
File:"Unknown ADS","C:\Program Files (x86)\Intel\Intel Collaborative Processor Performance Control:Win32App_1:$DATA"
File:"Unknown ADS","C:\Program Files (x86)\Intel\Intel(R) Management Engine Components:Win32App_1:$DATA"
File:"Unknown ADS","C:\Program Files (x86)\Intel\Intel(R) Processor Graphics:Win32App_1:$DATA"
File:"Unknown ADS","C:\Program Files (x86)\Intel\Intel(R) Security Assist:Win32App_1:$DATA"
File:"Unknown ADS","C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\Lang:Win32App_1:$DATA"
File:"Unknown ADS","C:\Program Files (x86)\ICEpower\AudioWizard:Win32App_1:$DATA"
File:"Unknown ADS","C:\Program Files (x86)\Google\Chrome\Application:Win32App_1:$DATA"
File:"Unknown ADS","C:\Program Files (x86)\Dropbox\DropboxOEM:Win32App_1:$DATA"
File:"Unknown ADS","C:\Program Files (x86)\Common Files\Adobe AIR:Win32App_1:$DATA"
File:"Unknown ADS","C:\Program Files (x86)\Common Files\Microsoft Shared:Win32App_1:$DATA"
File:"Unknown ADS","C:\Program Files (x86)\Common Files\PX Storage Engine:Win32App_1:$DATA"
File:"Unknown ADS","C:\Program Files (x86)\Common Files\System\Ole DB:Win32App_1:$DATA"
File:"Unknown ADS","C:\Program Files (x86)\Common Files\Sonic Shared\PX Drivers:Win32App_1:$DATA"
File:"Unknown ADS","C:\Program Files (x86)\Common Files\PostureAgent\plugins\install:Win32App_1:$DATA"
File:"Unknown ADS","C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15:Win32App_1:$DATA"
File:"Unknown ADS","C:\Program Files (x86)\Common Files\Microsoft Shared\VC:Win32App_1:$DATA"
File:"Unknown ADS","C:\Program Files (x86)\Common Files\Microsoft Shared\VC\amd64:Win32App_1:$DATA"
File:"Unknown ADS","C:\Program Files (x86)\Common Files\Microsoft Shared\VBA\VBA7.1\1033:Win32App_1:$DATA"
File:"Unknown ADS","C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\1033:Win32App_1:$DATA"
File:"Unknown ADS","C:\Program Files (x86)\Common Files\Apple\Apple Application Support:Win32App_1:$DATA"
File:"Unknown ADS","C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources:Win32App_1:$DATA"
File:"Unknown ADS","C:\Program Files (x86)\ASUS\APRP:Win32App_1:$DATA"
File:"Unknown ADS","C:\Program Files (x86)\ASUS\ASUS GIFTBOX Desktop:Win32App_1:$DATA"
File:"Unknown ADS","C:\Program Files (x86)\ASUS\ATK Package:Win32App_1:$DATA"
File:"Unknown ADS","C:\Program Files (x86)\ASUS\Splendid:Win32App_1:$DATA"
File:"Unknown ADS","C:\Program Files (x86)\ASUS\USBChargerPlus:Win32App_1:$DATA"
File:"Unknown ADS","C:\Program Files (x86)\ASUS\WebStorage:Win32App_1:$DATA"
File:"Unknown ADS","C:\Program Files (x86)\ASUS\WinFlash:Win32App_1:$DATA"
File:"Unknown ADS","C:\Program Files (x86)\ASUS\USBChargerPlus\Driver:Win32App_1:$DATA"
File:"Unknown ADS","C:\Program Files (x86)\Adobe\Adobe Help:Win32App_1:$DATA"
File:"Unknown ADS","C:\Program Files\CCleaner:Win32App_1:$DATA"
File:"Unknown ADS","C:\Program Files\McAfee:Win32App_1:$DATA"
File:"Unknown ADS","C:\Program Files\Microsoft Office:Win32App_1:$DATA"
File:"Unknown ADS","C:\Program Files\WinRAR:Win32App_1:$DATA"
File:"Unknown ADS","C:\Program Files\NVIDIA Corporation\Control Panel Client:Win32App_1:$DATA"
File:"Unknown ADS","C:\Program Files\NVIDIA Corporation\NvStreamSrv:Win32App_1:$DATA"
File:"Unknown ADS","C:\Program Files\NVIDIA Corporation\ShadowPlay:Win32App_1:$DATA"
File:"Unknown ADS","C:\Program Files\NVIDIA Corporation\Installer2\Display.Driver.{7DB345A6-E6F9-4E74-9BCB-4B13792280F2}:Win32App_1:$DATA"
File:"Unknown ADS","C:\Program Files\NVIDIA Corporation\Installer2\Display.Driver.{949B579E-5C70-40D7-8B5E-B73E4AC483CD}:Win32App_1:$DATA"
File:"Unknown ADS","C:\Program Files\NVIDIA Corporation\Installer2\Display.Optimus.{63CF9AC0-87D0-4FE7-97F6-F9E15A8A5ACD}:Win32App_1:$DATA"
File:"Unknown ADS","C:\Program Files\NVIDIA Corporation\Installer2\Display.Update.{E14BADC3-F46D-4F1A-84C1-68257D767552}:Win32App_1:$DATA"
File:"Unknown ADS","C:\Program Files\NVIDIA Corporation\Installer2\GfExperienceService.{C9A4DED6-11E1-4A4F-B9CD-B4DA9FB985B9}:Win32App_1:$DATA"
File:"Unknown ADS","C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore:Win32App_1:$DATA"
File:"Unknown ADS","C:\Program Files\NVIDIA Corporation\Installer2\ShieldWirelessController.{84262487-A39B-4372-BFEC-F4E07498C6F2}:Win32App_1:$DATA"
File:"Unknown ADS","C:\Program Files\NVIDIA Corporation\Installer2\VirtualAudio.Driver.{1C55219A-033C-46CC-BBBE-4C09F3A6DF11}:Win32App_1:$DATA"
File:"Unknown ADS","C:\Program Files\Microsoft.NET\ADOMD.NET\110:Win32App_1:$DATA"
File:"Unknown ADS","C:\Program Files\Microsoft SQL Server\110\Shared:Win32App_1:$DATA"
File:"Unknown ADS","C:\Program Files\Microsoft Office\Office15:Win32App_1:$DATA"
File:"Unknown ADS","C:\Program Files\Microsoft Office\Office15\1033:Win32App_1:$DATA"
File:"Unknown ADS","C:\Program Files\Microsoft Office\Office15\1033\DataServices:Win32App_1:$DATA"
File:"Unknown ADS","C:\Program Files\Microsoft Analysis Services\AS OLEDB\110\Cartridges:Win32App_1:$DATA"
File:"Unknown ADS","C:\Program Files\Microsoft Analysis Services\AS OLEDB\110\Resources\1033:Win32App_1:$DATA"
File:"Unknown ADS","C:\Program Files\Intel\iCLS Client:Win32App_1:$DATA"
File:"Unknown ADS","C:\Program Files\Intel\Intel(R) Chipset Device Software:Win32App_1:$DATA"
File:"Unknown ADS","C:\Program Files\Intel\Intel(R) Management Engine Components:Win32App_1:$DATA"
File:"Unknown ADS","C:\Program Files\CONEXANT\cAudioFilterAgent:Win32App_1:$DATA"
File:"Unknown ADS","C:\Program Files\CONEXANT\MA4String:Win32App_1:$DATA"
File:"Unknown ADS","C:\Program Files\CONEXANT\SAII:Win32App_1:$DATA"
File:"Unknown ADS","C:\Program Files\CONEXANT\SSPConfig:Win32App_1:$DATA"
File:"Unknown ADS","C:\Program Files\Common Files\DESIGNER:Win32App_1:$DATA"
File:"Unknown ADS","C:\Program Files\Common Files\microsoft shared:Win32App_1:$DATA"
File:"Unknown ADS","C:\Program Files\Common Files\System\Ole DB:Win32App_1:$DATA"
File:"Unknown ADS","C:\Program Files\Common Files\System\MSMAPI\1033:Win32App_1:$DATA"
File:"Unknown ADS","C:\Program Files\Common Files\microsoft shared\OFFICE15:Win32App_1:$DATA"
File:"Unknown ADS","C:\Program Files\Common Files\microsoft shared\VC:Win32App_1:$DATA"
File:"Unknown ADS","C:\Program Files\Common Files\microsoft shared\VSTO\10.0:Win32App_1:$DATA"
File:"Unknown ADS","C:\Program Files\Common Files\microsoft shared\VSTO\10.0\1033:Win32App_1:$DATA"
File:"Unknown ADS","C:\Program Files\Common Files\microsoft shared\OFFICE15\Office Setup Controller\Access.en-us:Win32App_1:$DATA"
File:"Unknown ADS","C:\Program Files\Common Files\microsoft shared\OFFICE15\Office Setup Controller\DCF.en-us:Win32App_1:$DATA"
File:"Unknown ADS","C:\Program Files\Common Files\microsoft shared\OFFICE15\Office Setup Controller\InfoPath.en-us:Win32App_1:$DATA"
File:"Unknown ADS","C:\Program Files\Common Files\microsoft shared\OFFICE15\Office Setup Controller\Lync.en-us:Win32App_1:$DATA"
File:"Unknown ADS","C:\Program Files\Common Files\microsoft shared\OFFICE15\Office Setup Controller\Office.en-us:Win32App_1:$DATA"
File:"Unknown ADS","C:\Program Files\Common Files\microsoft shared\OFFICE15\Office Setup Controller\Office32.en-us:Win32App_1:$DATA"
File:"Unknown ADS","C:\Program Files\Common Files\microsoft shared\OFFICE15\Office Setup Controller\Office32.WW:Win32App_1:$DATA"
File:"Unknown ADS","C:\Program Files\Common Files\microsoft shared\OFFICE15\Office Setup Controller\OneNote.en-us:Win32App_1:$DATA"
File:"Unknown ADS","C:\Program Files\Common Files\microsoft shared\OFFICE15\Office Setup Controller\OSM.en-us:Win32App_1:$DATA"
File:"Unknown ADS","C:\Program Files\Common Files\microsoft shared\OFFICE15\Office Setup Controller\Outlook.en-us:Win32App_1:$DATA"
File:"Unknown ADS","C:\Program Files\Common Files\microsoft shared\OFFICE15\Office Setup Controller\Proofing.en-us:Win32App_1:$DATA"
File:"Unknown ADS","C:\Program Files\Common Files\microsoft shared\OFFICE15\Office Setup Controller\Publisher.en-us:Win32App_1:$DATA"
RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\Microsoft\Security Center\Svc","Upgrade"
RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\Microsoft\InputMethod\Chs","DuState"

Thank you for your help!
 
Hello dcomlekci,

In general, items found by the RootAlyzer are not necessarily malicious; the log isn't waving a flag, so please provide more information. :)

For instance, the operating system and why you suspect an infection. Also please describe the Internet problems.

Best regards.
 
Sure. My system is Windows 10 and my internet is disconnecting when I download or upload a file bigger than 20 MB or when I play a multiplayer game in 5 min. I suspected because I saw that ntoskrnl.exe is using my disk and sometimes my RAM between 5% to 70%, so I thought that something can be wrong in my system.
 
Hi dcomlekci,

ntoskrnl.exe has been linked to a Windows 10 memory leak.

I suggest starting a topic at What The Tech in this forum: Microsoft Windows™ so that a techie can try to troubleshoot the issue.

If you do that please post the link here so I can follow. :)

Best regards.
 