14 Rootkits, Removal Help Needed

[Berxerker]

Ok so, to start this, I have an ASUS K53SV-B1 Laptop, whose specs. are these:

Intel Core i7 2630QM
Nvidia GT540M
6GB RAM
5'400RPM HDD, 640GB
15.6" Inch Screen
Microsoft Windows 7 Home Premium 64-bit

The problem is, today I felt curious, and ran a scan with Avast! Free Antivirus to detect 14 rootkits in my "winsx" folder. Me, being paranoid over my laptop (because of what it costed) run a boot-time scan, and here I am, waiting at 96% for results.

What happened? Well, yesterday my Microsoft Office trial decided to give up on me, and my dad decided he'd buy today the full student version. I put the laptop away, knowing it won't be exactly safe…

After school, I receive the laptop with a "I tried to get Microsoft Office free, but couldn't. Will try tomorrow". I immediately think *So he may have had used unsafe websites and stuff? Damn…*

I boot the laptop, run a scan immediately (As said before, Avast) to stop at 24% because it "had found 14 rootkits"… I panicked. As Avast said, I am running a boot-time scan to eliminate the rootkits now, and well, I haven't found a single one of them. Not even ONE. A few corrupted ZIP files I always find in there, but nothing. No malware.

Now, I am going even more paranoid with this. Is there anything I can do?

1.) Will System Restore go back to a week before, when laptop was normally operating?
2.) If system restore fails, shall a Factory Reset be?
3.) As my paranoia has taken me this far already, I have no idea what to do. Really, I don't. Could you help, please?

 

[chev65]

14 rootkits?

Save what you can and punt "reformat" the Op system, I'd never trust that Op system again and I mean not for anything.

 

[Berxerker]

14 rootkits?

Save what you can and punt "reformat" the Op system, I'd never trust that Op system again and I mean not for anything.

Will a factory reset work? Eliminating the rootkits? By the way, lol, right now it isn't really slow, I haven't noticed anything, but whenever I go to Avast, and then Scan Logs, I find the one saying "Infected" and whenever I place "Delete" it says "[5] Access Denied".

Boot-time scan didn't detect anything.

Windows Defender quick scan didn't detect anything.

I have +19 Windows Updates to do, had zero yesterday. This is freaking me out. I suppose I'll just update them and well, try scanning again…

 

[Berxerker]

Please, just answer this.


Will a factory reset delete the rootkits? I have never ever poked the "D:" partition, so I don't know why it wouldn't work.

 

[kegobeer]

Do the factory reset.

 

[Berxerker]

I also have a few discs containing:

- My Library (not very useful)
- 4 DVD's Containing **FACTORY RESET STATE HDD**
- System Recovery Disk!


I'd really prefer to use the built-in factory reset though.


By the way, I haven't noticed but my PC hasn't slowed down… maybe a little, due to updates, but I have not seen any proof of a malware currently existing, except the Avast scan, which any scan I do now will not show me any malware…

 

[C-11]

Save your important files to a ex hard drive, flash drive or CD/DVD.

Then do a factory restore.

 

[Berxerker]

I have no important files. I only care about the laptop and the software for it to work, not for info it has, as it has nothing :3. I am basically only caring about the money invested in laptop xD, as I store my things on an USB drive safely each week, but didn't do it last week…


Will I care about a factory restore? Maybe, will feel like I have no other option but to do that each time I get a rootkit (each eon probably, will just keep my laptop to myself and stay with my safe browsing).

Will I care about information lost? Meh, a bit, as it's probably lost forever but, I had nothing worth money there. All school assignments, handed in. All class notes, somewhere else.

 

[Jacee]

Can you copy and paste CKScanner 'log'?

Download CKScanner by askey127 from HERE
Important - Save it to your desktop.
Doubleclick CKScanner.exe and click Search For Files.
After a very short time, when the cursor hourglass disappears, click Save List To File.
A message box will verify the file saved.
Double-click the CKFiles.txt icon on your desktop and copy/paste the contents in your next reply.

 

[Berxerker]

I haven't run any scan yet, but oddly, I have not seen, after boot-time scans and full scans, plus quick scans, any trace of the rootkits. Should I just stay like it is?

 

[Jacee]

I haven't run any scan yet, but oddly, I have not seen, after boot-time scans and full scans, plus quick scans, any trace of the rootkits. Should I just stay like it is?

And... Can you copy and paste CKScanner 'log', please?

 

[elstupido]

I haven't run any scan yet, but oddly, I have not seen, after boot-time scans and full scans, plus quick scans, any trace of the rootkits. Should I just stay like it is?

Do what jacee said Avast finding 14 rootkits sound strange to me.:shock:

 

[Berxerker]

I don't have my laptop at the moment, left it to my dad so he could install Microsoft Office Student Version 2010, and I asked him to do a factory restore.

Yesterday I ran aswMBR (Out of curiosity) and I "think" it didn't find anything in the MBR, and Malwarebytes has only found 1 PUP, not a virus.

As soon as I get back home I'll run CKScanner and post logs in a post.

My laptop has not showed performance decrease, only my mind due to paranoia :/

 

[Berxerker]

I am about to begin the CKScan, and well, some other things about how has the computer been so far:

-Applied some Windows Updates, except the SP1 which I never seem to install… code 800B0100. This is usual, so I don't really get stressed.

- Ran TDSSKiller, just to kill my worries, and nothing found. Downloaded straight from Kaspersky's website.

- Quickly checked Task Manager and Resource Monitor to notice the usual 2.2 GB of RAM consumed by everything (services, programs, Steam, etc.) and I don't know if it's normal for processor speed to rise up to 20% when running an Avast full scan?

- Ran another full scan, clean, with the usual "Air Display" dll's not being fully scanned because Avast reached the end of the file.

- Ran IE, to access websites, such as Avast's and other security related websites, no problem.


So, if there were a rootkit hidden, it must of have some sort of virtual intelligence to avoid me xD… I'll post CKScan log ASAP.

 

[Berxerker]

Also, all my virus definitions are updated, or so I suppose. Will download Windows Defender Offline just for fun, and get it to my empty USB drive for future problems… also to scan when CKScan ends :3