Jump to content

stefant205

Members
 View Profile  See their activity

  • Posts

    2

  • Joined

  • Last visited

 Content Type 

Posts posted by stefant205

    SVCHOST.EXE virus

    in Resolved Malware Removal Logs

    Posted

    RogueKiller V7.6.0 [06/26/2012] by Tigzy

    mail: tigzyRK<at>gmail<dot>com

    Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/

    Blog: http://tigzyrk.blogspot.com

    Operating System: Windows 7 (6.1.7600 ) 64 bits version

    Started in : Normal mode

    User: stefan [Admin rights]

    Mode: Scan -- Date: 06/27/2012 12:09:50

    ¤¤¤ Bad processes: 2 ¤¤¤

    [sUSP PATH] SansaDispatch.exe -- C:\Users\stefan\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe -> KILLED [TermProc]

    [sVCHOST] svchost.exe -- \\.\globalroot\systemroot\svchost.exe -> KILLED [TermProc]

    ¤¤¤ Registry Entries: 4 ¤¤¤

    [sUSP PATH] HKCU\[...]\Run : SansaDispatch (C:\Users\stefan\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe) -> FOUND

    [sUSP PATH] HKUS\S-1-5-21-762087144-2274054702-484051614-1001[...]\Run : SansaDispatch (C:\Users\stefan\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe) -> FOUND

    [HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND

    [HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

    ¤¤¤ Particular Files / Folders: ¤¤¤

    ¤¤¤ Driver: [NOT LOADED] ¤¤¤

    ¤¤¤ Infection : Root.MBR ¤¤¤

    ¤¤¤ HOSTS File: ¤¤¤

    127.0.0.1 localhost

    127.0.0.1 activate.adobe.com

    127.0.0.1 3dns-3.adobe.com

    127.0.0.1 adobe-dns-2.adobe.com

    127.0.0.1 adobe-dns-3.adobe.com

    127.0.0.1 ereg.wip3.adobe.com

    127.0.0.1 activate-sea.adobe.com

    127.0.0.1 wip3.adobe.com

    127.0.0.1 wwis-dubc1-vip60.adobe.com

    127.0.0.1 activate-sjc0.adobe.com

    127.0.0.1 practivate.adobe.com

    127.0.0.1 ereg.adobe.com

    127.0.0.1 activate.wip3.adobe.com

    127.0.0.1 3dns-2.adobe.com

    127.0.0.1 adobe-dns.adobe.com

    ::1 localhost

    ¤¤¤ MBR Check: ¤¤¤

    +++++ PhysicalDrive0: TOSHIBA MK1655GSX ATA Device +++++

    --- User ---

    [MBR] a11c6fe4ce8de67d24e614096954536a

    [bSP] d268c96f26857577e76094e5a86a46b9 : Windows 7 MBR Code

    Partition table:

    0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 152617 Mo

    User = LL1 ... OK!

Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.