Author Topic: Rootkit Detected in Sandbox\Safezone unable to delete  (Read 2744 times)


krazy23

  • Guest
Rootkit Detected in Sandbox\Safezone unable to delete
« on: December 17, 2012, 03:23:57 PM »
Hi, I ran a full scan on my system this morning, and I got the following results.

C:\avast! sandbox\S-1-5-21-3163310351-259726369-2821834488-1002\C\Uses\MY\AppData\Temp\CRX_DF399A9B283A\GoogleUpdateSetup.exe

C:\avast! sandbox\S-1-5-21-3163310351-259726369-2821834488-1002\C\Uses\MY\AppData\Temp\CRX_DF399A9B283A\ChromeRecovery.exe

Both registered as High threats, Rootkits and Hidden files.

I've tried to delete them using avast but had no luck. Any help would be gratefully received.

aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
Run date: 2012-12-17 13:48:13
-----------------------------
13:48:13.247    OS Version: Windows x64 6.1.7601 Service Pack 1
13:48:13.247    Number of processors: 4 586 0x2505
13:48:13.247    ComputerName: MY-PC  UserName: MY
13:48:16.960    Initialize success
13:48:17.085    AVAST engine defs: 12121700
13:48:22.342    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
13:48:22.342    Disk 0 Vendor: ST950042 D005 Size: 476940MB BusType: 3
13:48:22.389    Disk 0 MBR read successfully
13:48:22.389    Disk 0 MBR scan
13:48:22.389    Disk 0 Windows 7 default MBR code
13:48:22.405    Disk 0 Partition 1 00     DE Dell Utility MSDOS5.0       39 MB offset 63
13:48:22.405    Disk 0 Partition 2 80 (A) 07    HPFS/NTFS NTFS        15000 MB offset 81920
13:48:22.420    Disk 0 Partition 3 00     07    HPFS/NTFS NTFS       461899 MB offset 30801920
13:48:22.420    Disk 0 scanning C:\Windows\system32\drivers
13:48:30.106    Service scanning
13:48:45.878    Modules scanning
13:48:45.893    Disk 0 trace - called modules:
13:48:45.924    ntoskrnl.exe CLASSPNP.SYS disk.sys stdcfltn.sys iaStor.sys hal.dll
13:48:45.940    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8005230060]
13:48:45.940    3 CLASSPNP.SYS[fffff88001bc243f] -> nt!IofCallDriver -> [0xfffffa80050e2c50]
13:48:45.956    5 stdcfltn.sys[fffff88001b02c52] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004f3e050]
13:48:48.732    AVAST engine scan C:\Windows
13:48:50.355    AVAST engine scan C:\Windows\system32
13:50:56.372    AVAST engine scan C:\Windows\system32\drivers
13:51:06.075    AVAST engine scan C:\Users\MY
13:51:35.060    AVAST engine scan C:\ProgramData
13:51:56.978    Scan finished successfully
13:52:09.364    Disk 0 MBR has been saved successfully to "C:\Users\MY\Documents\MBR.dat"
13:52:09.364    The log file has been saved successfully to "C:\Users\MY\Documents\aswMBR.txt"





essexboy

  • Malware removal instructor
Re: Rootkit Detected in Sandbox\Safezone unable to delete
« Reply #1 on: December 17, 2012, 10:32:38 PM »
C:\avast! sandbox: that is why they are reported hidden. They are in the sandbox.
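
A triage helper for the point made in the reply above, as an added example that is not part of the original thread or of any Avast tool: it separates detections that sit inside the sandbox storage folder from detections on the real filesystem. It assumes, from the layout visible in the two reported paths, that the folder after the SID is a virtualized drive letter and the remainder mirrors the path the sandboxed program wrote to; the function names and the third sample path are hypothetical.

```python
import re
from typing import NamedTuple, Optional

# Layout as seen in the reported paths (assumed to hold in general):
#   <drive>:\avast! sandbox\<user SID>\<virtual drive letter>\<rest of path>
# Anchored at the drive root so a folder that merely contains the words
# "avast! sandbox" deeper in the tree is not treated as sandbox storage.
SANDBOX_RE = re.compile(
    r"^[A-Za-z]:\\avast! sandbox\\"
    r"(?P<sid>S-1-(?:\d+-)+\d+)\\"
    r"(?P<drive>[A-Za-z])\\(?P<rest>.+)$",
    re.IGNORECASE,
)

class SandboxedPath(NamedTuple):
    sid: str           # SID of the account that owns the sandbox storage
    rid: int           # last SID component (relative identifier)
    virtual_path: str  # path the sandboxed process believed it wrote to

def parse_sandbox_path(path: str) -> Optional[SandboxedPath]:
    """Return the decoded sandbox path, or None if it is outside the sandbox."""
    m = SANDBOX_RE.match(path.strip())
    if m is None:
        return None
    sid = m.group("sid").upper()
    rid = int(sid.rsplit("-", 1)[1])
    virtual = f"{m.group('drive').upper()}:\\{m.group('rest')}"
    return SandboxedPath(sid, rid, virtual)

def triage(detections):
    """Split scan hits into (sandbox-contained, real-filesystem) lists."""
    contained, outside = [], []
    for p in detections:
        parsed = parse_sandbox_path(p)
        (contained if parsed else outside).append((p, parsed))
    return contained, outside

# Constructed sample: the two paths from the post, plus one invented path
# outside the sandbox for contrast.
SAMPLE = [
    r"C:\avast! sandbox\S-1-5-21-3163310351-259726369-2821834488-1002\C\Uses\MY\AppData\Temp\CRX_DF399A9B283A\GoogleUpdateSetup.exe",
    r"C:\avast! sandbox\S-1-5-21-3163310351-259726369-2821834488-1002\C\Uses\MY\AppData\Temp\CRX_DF399A9B283A\ChromeRecovery.exe",
    r"C:\Users\MY\AppData\Local\Temp\example.exe",
]

if __name__ == "__main__":
    inside, real = triage(SAMPLE)
    for original, info in inside:
        print("sandboxed:", info.virtual_path, "(RID", info.rid, ")")
    for original, _ in real:
        print("needs review on real filesystem:", original)
```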