XING, a Chinese rootkit? Or false positive?

Hello, is this, https://play.google.com/store/apps/details?id=com.xing.android&hl=de

a malware source?

A false positive, or what?

I have used it in the past.

What's going on in this issue?

Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org

Database version:
  main:    v2017.06.03.03
  rootkit: v2017.05.27.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.18665
XXXXXXXXXXXXXXXXXXXXXXXXX

03.06.2017 21:30:00
mbar-log-2017-06-03 (21-30-00).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 276748
Time elapsed: 13 minute(s), 36 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 1
C:\XXXXXT\AppData\Local\Temp\DMR (Adware.ChinAd) -> Delete on reboot. [507fca706d3c50e6ec00d59205fc39c7]

Files Detected: 1
C:\XXXXX\AppData\Local\Temp\DMR\alfyepuzwvowsynu.dat (Adware.ChinAd) -> Delete on reboot. [507fca706d3c50e6ec00d59205fc39c7]

Physical Sectors Detected: 0
(No malicious items detected)

(end)

MAM

 


I don't really understand your question.

If you want to install Android apps on Windows, you need to install an Android emulator (like BlueStacks), and even there, the apps will be contained in that emulator and won't spread to the Windows system.


Hi MAM (long time since I posted to you),

For both .. AppData\Local\Temp\DMR (Adware.ChinAd)
and ... Local\Temp\DMR\alfyepuzwvowsynu.dat (Adware.ChinAd)

Run updated AdwCleaner, then download and run Temp File Cleaner TFC By Old Timer as administrator.
It seems this is just adware, not a rootkit.

Then run a standard Malwarebytes Scan to check, and it should not be there. The same items appear on Bleeping Computer scans and other forums.

Regards ..

If exile360 or AdvancedSetup offer other advice, listen to them.
