Folder AVG Forums » Other topics » Virus Removal, Tools for Removing » Are These Rootkits Harmful? Thank You!:)
September 28, 2011 13:23 Are These Rootkits Harmful? Thank You!:) #174612
Reply with Quote | Quick Reply | Top
Kipepeo

Avatar

Novice
Join Date: 28.9.2011
Posts: 2
Good Day,

I would just like to know if the following are harmful rootkits. i have actually performed the anti rootkit scan twice. one is prior to cinnecting to the net..and one right afterwards. here are the results:

Before:
"";"<unknown>";"Corrupted section win32k.sys[.text] XLATEOBJ_iXlate+0x130B4, size 8 bytes";"Object is hidden"
"";"<unknown>";"Corrupted section win32k.sys[.text] EngSetLastError+0x84, size 8 bytes";"Object is hidden"
"";"<unknown>";"Inline hook win32k.sys EngRestoreFloatingPointState+0x1128 -> 0xFFFFF95FF88D75E2";"Object is hidden"
"";"<unknown>";"Corrupted section win32k.sys[.text] W32pArgumentTable+0x2A97, size 8 bytes";"Object is hidden"
"";"<unknown>";"Corrupted section win32k.sys[.text] W32pArgumentTable+0x2F4A, size 8 bytes";"Object is hidden"
"";"<unknown>";"Inline hook win32k.sys W32pArgumentTable+0x6AC3 -> 0xFFFFF95FF88FAFED";"Object is hidden"
"";"<unknown>";"Corrupted section win32k.sys[.text] W32pArgumentTable+0x73BB, size 8 bytes";"Object is hidden"
"";"<unknown>";"Corrupted section win32k.sys[.text] W32pArgumentTable+0x7FDC, size 8 bytes";"Object is hidden"
"";"<unknown>";"Corrupted section win32k.sys[.text] W32pArgumentTable+0x98F7, size 8 bytes";"Object is hidden"
"";"<unknown>";"Corrupted section win32k.sys[.text] W32pArgumentTable+0xA077, size 8 bytes";"Object is hidden"
"";"<unknown>";"Corrupted section win32k.sys[.text] W32pArgumentTable+0xC7D9, size 8 bytes";"Object is hidden"
"";"<unknown>";"Corrupted section win32k.sys[.text] W32pArgumentTable+0xC870, size 8 bytes";"Object is hidden"
"";"<unknown>";"Corrupted section win32k.sys[.text] W32pArgumentTable+0xC9E0, size 7 bytes";"Object is hidden"
"";"<unknown>";"Corrupted section win32k.sys[.text] W32pArgumentTable+0x115C5, size 8 bytes";"Object is hidden"
"";"<unknown>";"Corrupted section win32k.sys[.text] EngQuerySystemAttribute+0x13B7, size 8 bytes";"Object is hidden"
"";"<unknown>";"Corrupted section win32k.sys[.text] EngCreateClip+0x14FC, size 8 bytes";"Object is hidden"
"";"<unknown>";"Corrupted section win32k.sys[.text] XLATEOBJ_cGetPalette+0x887, size 8 bytes";"Object is hidden"
"";"<unknown>";"Corrupted section win32k.sys[.text] XLATEOBJ_cGetPalette+0x44F3, size 8 bytes";"Object is hidden"
"";"<unknown>";"Corrupted section win32k.sys[.text] XLATEOBJ_cGetPalette+0x5230, size 8 bytes";"Object is hidden"
"";"<unknown>";"Corrupted section win32k.sys[.text] XLATEOBJ_cGetPalette+0x8218, size 8 bytes";"Object is hidden"
"";"<unknown>";"Corrupted section win32k.sys[.text] XLATEOBJ_cGetPalette+0x865F, size 8 bytes";"Object is hidden"

after:
"";"C:\Windows\Temp\avg-177b0d1b-394c-4954-af9d-1a406764d529.tmp";"Hidden file";"Object is hidden"
"";"C:\Windows\Temp\avg-134ca24b-1649-4063-80fb-8b21d384b819.tmp";"Hidden file";"Object is hidden"
"";"<unknown>";"Corrupted section win32k.sys[.text] XLATEOBJ_cGetPalette+0x5230, size 8 bytes";"Object is hidden"
"";"<unknown>";"Corrupted section win32k.sys[.text] XLATEOBJ_cGetPalette+0x44F3, size 8 bytes";"Object is hidden"
"";"<unknown>";"Corrupted section win32k.sys[.text] XLATEOBJ_cGetPalette+0x865F, size 8 bytes";"Object is hidden"
"";"<unknown>";"Corrupted section win32k.sys[.text] XLATEOBJ_cGetPalette+0x8218, size 8 bytes";"Object is hidden"
"";"<unknown>";"Corrupted section win32k.sys[.text] XLATEOBJ_cGetPalette+0x887, size 8 bytes";"Object is hidden"

i have the Trial Version AVG 2012. i did run super anti spyware and malware bytes and both detected nothing. attached is also the msinfo..um..i read some of the posts and reaad smething about gmer scan? sorry to sound like an idiot but whats that? i have searched it online but i want to make sure i download the right thing. so if yu need it, is it possible to provide a link for it? Thanks! i really appreciate the assisstance, and i really apologize for the trouble.

Very Respectfully,

Kipepeo


September 28, 2011 13:33 Re: Are These Rootkits Harmful? Thank You!:) #174614
Reply with Quote | Quick Reply | Top
BIG AL 43

Avatar

Moderator
Join Date: 19.6.2014
Posts: 0
@ Kipepeo

For info please note that not all rootkit detections are a threat. You can read more in here - Anti-Rootkit False Positives part. Please provide us with both GMER outputs so we can assist you further. They will be analysed by the AVG Team.

The AVG Team are now monitoring this new AVG Forums so someone should spot your posting! They may enter the forum @ anytime.


AVG Free Volunteer ModeratorAVG Free Forum member since - Nov. 27, 2004My total posts on the Old AVG Free Forum - 27,063
Alan
How-To Articles | FAQ | Free Support
September 29, 2011 10:51 Re: Are These Rootkits Harmful? Thank You!:) #174734
Reply with Quote | Quick Reply | Top
Kipepeo

Avatar

Novice
Join Date: 28.9.2011
Posts: 2
GMER FREEZE..

Sir Alan,

I seem to have trouble running the GMER scan. the program freezes and does not respond halfway through the scan. i have already tried running the older version of the program with the same results. are there any other alternative? Thank You
September 29, 2011 20:47 Re: Are These Rootkits Harmful? Thank You!:) #174813
Reply with Quote | Quick Reply | Top
Dusan Obert

Avatar

Administrator
Join Date: 12.8.2009
Posts: 1595
Hello Kipepeo,

There is Superantispyware, Malwarebytes and PC Tools Security installed.
Any of them could be affecting the Anti-Rootkit scan results.
Please read about using more than one security software with active resident part here.

If your computer is not displaying any suspicious behaviour you can simply ignore the detection.
Please note that not all rootkit detections are a threat. You can read more in here - Anti-Rootkit False Positives part.

Thank you
___________________AVG TeamHow-To articles | FAQ | Free Support