
Unknown.Rootkit.Driver - not a threat?



On my last scan I get the following as flagged malware

 

Unknown.Rootkit.Driver, C:\WINDOWS\SYSTEM32\drivers\1394ohci.sys, Replace-on-Reboot, [1b00662092f9f9568b995902f0cc40d5],

Unknown.Rootkit.Driver, C:\WINDOWS\SYSTEM32\drivers\acpi.sys, Replace-on-Reboot, [6f11e88748cdefd2f76aa215f97ddfe5],

Unknown.Rootkit.Driver, C:\WINDOWS\SYSTEM32\drivers\acpipmi.sys, Replace-on-Reboot, [63b05a0420ce4bf0e4af6dcc7cada254],

Unknown.Rootkit.Driver, C:\WINDOWS\SYSTEM32\drivers\afd.sys, Replace-on-Reboot, [b9384e03479d2506bc924c16a3db87bc],

Unknown.Rootkit.Driver, C:\WINDOWS\SYSTEM32\drivers\amdsata.sys, Replace-on-Reboot,[7a4b413614c055935567cf88a9734d38],

Unknown.Rootkit.Driver, C:\WINDOWS\SYSTEM32\drivers\amdxata.sys, Replace-on-Reboot, [b4ad0cacbab298671dd6f6ef7e20679d],

Unknown.Rootkit.Driver, C:\WINDOWS\SYSTEM32\drivers\appid.sys, Replace-on-Reboot, [42fd751b27fa0e9c69bb39f39e409594],

 

When I search these they appear to be valid files. Do I remove them or leave them?

 

Thanks

Rich

 


No, do not remove them. Please post the entire FULL log so that we can get a better look at what version and database you're using please.

Full log:

Malwarebytes Anti-Malware

www.malwarebytes.org

Scan Date: 8/14/2014

Scan Time: 2:50:34 PM

Logfile: scan results.txt

Administrator: Yes

 

Version: 2.00.2.1012

Malware Database: v2014.08.14.09

Rootkit Database: v2014.08.04.01

License: Premium

Malware Protection: Enabled

Malicious Website Protection: Enabled

Self-protection: Disabled

 

OS: Windows 7 Service Pack 1

CPU: x64

File System: NTFS

User: Richard

Scan Type: Threat Scan

Result: Completed

Objects Scanned: 299801

Time Elapsed: 10 min, 0 sec

 

Memory: Enabled

Startup: Enabled

Filesystem: Enabled

Archives: Enabled

Rootkits: Enabled

Heuristics: Enabled

PUP: Enabled

PUM: Enabled

Processes: 0

(No malicious items detected)

 

Modules: 0

(No malicious items detected)

Registry Keys: 0

(No malicious items detected)

 

Registry Values: 0

(No malicious items detected)

Registry Data: 0

(No malicious items detected)

 

Folders: 0

(No malicious items detected)

Files: 0

(No malicious items detected)

Unknown.Rootkit.Driver, C:\WINDOWS\SYSTEM32\drivers\1394ohci.sys, Replace-on-Reboot, [1b00662092f9f9568b995902f0cc40d5],

Unknown.Rootkit.Driver, C:\WINDOWS\SYSTEM32\drivers\acpi.sys, Replace-on-Reboot, [6f11e88748cdefd2f76aa215f97ddfe5],

Unknown.Rootkit.Driver, C:\WINDOWS\SYSTEM32\drivers\acpipmi.sys, Replace-on-Reboot, [63b05a0420ce4bf0e4af6dcc7cada254],

Unknown.Rootkit.Driver, C:\WINDOWS\SYSTEM32\drivers\afd.sys, Replace-on-Reboot, [b9384e03479d2506bc924c16a3db87bc],

Unknown.Rootkit.Driver, C:\WINDOWS\SYSTEM32\drivers\amdsata.sys, Replace-on-Reboot, [7a4b413614c055935567cf88a9734d38],

Unknown.Rootkit.Driver, C:\WINDOWS\SYSTEM32\drivers\amdxata.sys, Replace-on-Reboot, [b4ad0cacbab298671dd6f6ef7e20679d],

Unknown.Rootkit.Driver, C:\WINDOWS\SYSTEM32\drivers\appid.sys, Replace-on-Reboot, [42fd751b27fa0e9c69bb39f39e409594],

Physical Sectors: 0

(No malicious items detected)

 

(end)
