Unknown file found in RogueKiller?

[somerandom]

Hello, today I ran Roguekiller, and for the first time it displayed a "Potential Malware" file known as "agldiaod.sys". I have never heard of this name and never found it before on Roguekiller. Google shows nothing.

[Curson]

Hi somerandom,

Welcome to Adlice.com Forum.
Could you please attach RogueKiller full report with your next reply ?

Regards.

[somerandom]

RogueKiller Anti-Malware V13.0.8.0 (x64) [Nov  6 2018] (Free) by Adlice Software
mail : https://adlice.com/contact/
Website : https://adlice.com/download/roguekiller/
Operating System : Windows 10 (10.0.17763) 64 bits
Started in : Normal mode
User : Win10Ent [Administrator]
Started from : J:\Users\Asus2\Downloads\New folder\RogueKiller_portable64.exe
Mode : Standard Scan, Delete -- Date : 2018/11/12 20:00:53 (Duration : 00:04:19)

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Delete ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
[Suspicious.Path (Potentially Malicious)] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\agldiaod -- [%localappdata%\Temp\agldiaod.sys] -> Deleted
[PUM.StartMenu (Potentially Malicious)] HKEY_USERS\S-1-5-21-1767181348-1774727636-3438978190-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced|Start_TrackProgs --  -> Replaced (1)
[PUM.StartMenu (Potentially Malicious)] HKEY_USERS\S-1-5-21-1767181348-1774727636-3438978190-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced|Start_TrackProgs --  -> Replaced (1)

This was the log from the reported incident. I'm still unsure as to what agldiaod.sys is. Other software finds nothing like this.

[Curson]

Hi somerandom,

This is indeed quite strange.
Could you please attach the corresponding JSON report showing these detections ?

Regards.

[somerandom]

Json. attached.

[Curson]

Hi somerandom,

Thanks. Your computer is safe.
The file that was detected is GMER kernel-mode driver. Since its name is random-generated, it's normal that Google didn't find anything.

Regards.