Jump to content

spagdin

Members
  • Posts

    1
  • Joined

  • Last visited

Reputation

0 Neutral
  1. Hi, My desktop icons are missing and my program files have dissapeared. I can unhide using the unhide.exe tool but the virus just makes them disappear again. I ran RogueKiller and this is the report. Thanks in advance for your help. RogueKiller V7.0.0 [01/26/2012] by Tigzy mail: tigzyRK<at>gmail<dot>com Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/ Blog: http://tigzyrk.blogspot.com Operating System: Windows XP (5.1.2600 Service Pack 3) 32 bits version Started in : Normal mode User: CDrylie [Admin rights] Mode: Scan -- Date : 01/26/2012 09:58:17 ¤¤¤ Bad processes: 0 ¤¤¤ ¤¤¤ Registry Entries: 18 ¤¤¤ [sUSP PATH] HKLM\[...]\Run : OA015Mon (C:\WINDOWS\OA015Mon.exe) -> FOUND [HJPOL] HKCU\[...]\System : DisableTaskMgr (1) -> FOUND [HJPOL] HKCU\[...]\Explorer : DisallowRun (1) -> FOUND [HJPOL] HKLM\[...]\System : DisableTaskMgr (1) -> FOUND [HJPOL] HKCU\[...]\Explorer : NoDesktop (1) -> FOUND [HJ] HKCU\[...]\Advanced : Start_ShowMyComputer (0) -> FOUND [HJ] HKCU\[...]\Advanced : Start_ShowSearch (0) -> FOUND [HJ] HKCU\[...]\Advanced : Start_ShowMyDocs (0) -> FOUND [HJ] HKCU\[...]\Advanced : Start_ShowRecentDocs (0) -> FOUND [HJ] HKCU\[...]\Advanced : Start_ShowUser (0) -> FOUND [HJ] HKCU\[...]\Advanced : Start_ShowMyPics (0) -> FOUND [HJ] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> FOUND [HJ] HKCU\[...]\Advanced : Start_ShowMyMusic (0) -> FOUND [HJ] HKCU\[...]\Advanced : Start_ShowControlPanel (0) -> FOUND [HJ] HKCU\[...]\Advanced : Start_ShowHelp (0) -> FOUND [HJ] HKCU\[...]\Advanced : Start_ShowPrinters (0) -> FOUND [HJ] HKCU\[...]\Advanced : Start_ShowSetProgramAccessAndDefaults (0) -> FOUND [HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND ¤¤¤ Particular Files / Folders: ¤¤¤ ¤¤¤ Driver: [LOADED] ¤¤¤ S_SSDT[0] : -> HOOKED ( @ 0x00000000) ¤¤¤ Infection : Root.MBR ¤¤¤ ¤¤¤ HOSTS File: ¤¤¤ 127.0.0.1 localhost 127.0.0.1 www.007guard.com 127.0.0.1 007guard.com 127.0.0.1 008i.com 127.0.0.1 www.008k.com 127.0.0.1 008k.com 127.0.0.1 www.00hq.com 127.0.0.1 00hq.com 127.0.0.1 010402.com 127.0.0.1 www.032439.com 127.0.0.1 032439.com 127.0.0.1 www.0scan.com 127.0.0.1 0scan.com 127.0.0.1 www.1000gratisproben.com 127.0.0.1 1000gratisproben.com 127.0.0.1 1001namen.com 127.0.0.1 www.1001namen.com 127.0.0.1 100888290cs.com 127.0.0.1 www.100888290cs.com 127.0.0.1 www.100sexlinks.com [...] ¤¤¤ MBR Check: ¤¤¤ +++++ PhysicalDrive0: +++++ --- User --- [MBR] 458530009ccbee8a237fb48d276f5b2a [bSP] 0825c0eea16414794d103eee12bf6e36 : Windows XP MBR Code Partition table: 0 - [ACTIVE] FAT32 [VISIBLE] Offset (sectors): 63 | Size: 41948 Mo 1 - [XXXXXX] FAT32 [VISIBLE] Offset (sectors): 81931500 | Size: 208107 Mo User = LL1 ... OK! User != LL2 ... KO! --- LL2 --- [MBR] e9d0accb7ed49a62de04ed102443516a [bSP] 0825c0eea16414794d103eee12bf6e36 : Windows XP MBR Code Partition table: 0 - [XXXXXX] FAT32 [VISIBLE] Offset (sectors): 63 | Size: 41948 Mo 1 - [XXXXXX] FAT32 [VISIBLE] Offset (sectors): 81931500 | Size: 208107 Mo 2 - [ACTIVE] NTFS [HIDDEN!] Offset (sectors): 488392065 | Size: 2 Mo Finished : << RKreport[2].txt >> RKreport[1].txt ; RKreport[2].txt
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.