Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.


Potential rootkit, MPC/Weatherchickn adware, W10:64bit

  • Please log in to reply
1 reply to this topic

#1 Sasstraliss


  • Members
  • 4 posts
  • Local time:10:40 PM

Posted 27 August 2016 - 04:29 AM

From a torrent site, I downloaded a 2005 game that turned out to be malware. ESET went nuts the instant I ran it, claiming TrojanDroppers.


Multiple adware threats came up from scans. I believe I used (not in safe mode):


  • AdwCleaner
  • RKill
  • Junkware Removal Tool
  • TDSSKiller
  • Malwarebytes Anti-Malware
  • Full ESET NOD32 scan
  • Malwarebytes Anti-rootkit (detected MPC)

Not sure which detected what in terms of adware, but I had some sort of BandwidthStat installed, PC Speed Up, MPC, and Weather Chickn.


The torrent had thousands of seeders/leaches (uploaded yesterday), and some of the comments from other torrents from the same uploader leads me to believe there's a rootkit in it as well, and I have no idea if I've gotten rid of it.


Windows 10, 64bit.

Edited by Sasstraliss, 27 August 2016 - 04:37 AM.

BC AdBot (Login to Remove)



#2 Aura


    Bleepin' Special Ops

  • Malware Response Team
  • 19,310 posts
  • Gender:Male
  • Local time:08:10 AM

Posted 29 August 2016 - 10:59 AM

Hi Sasstraliss :)

Are you able to provide the TDSSKiller and Malwarebytes Anti-Rootkit logs so I can check them?

Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users