
joerivs

  1. Charlie, it's gone, thank you very much! Kind regards
  2. I forgot to mention that Malwarebytes detected one registry value being HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows|Load (Trojan.Ransom) -> Data: C:\Users\Docent\LOCALS~1\Temp\msixgrq.bat
  3. Hi, I ran Malwarebytes and it picked up 2 infections. When I restarted it still showed one left which is a trojan.ransom. Here's the report from RogueKiller:

     RogueKiller V8.1.0 [09/28/2012] by Tigzy
     mail: tigzyRK<at>gmail<dot>com
     Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/
     Website: http://tigzy.geekstogo.com/roguekiller.php
     Blog: http://tigzyrk.blogspot.com

     Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
     Started in : Normal mode
     User : Docent [Admin rights]
     Mode : Scan -- Date : 09/29/2012 21:25:23

     ¤¤¤ Bad processes : 0 ¤¤¤

     ¤¤¤ Registry Entries : 5 ¤¤¤
     [sHELL][Rans.Gendarm] HKCU\[...]\Windows : Load (C:\Users\Docent\LOCALS~1\Temp\msixgrq.bat) -> FOUND
     [sHELL][Rans.Gendarm] HKUS\S-1-5-21-2297646964-2413351053-2194149073-1002[...]\Windows : Load (C:\Users\Docent\LOCALS~1\Temp\msixgrq.bat) -> FOUND
     [HJ SMENU] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> FOUND
     [HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
     [HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

     ¤¤¤ Particular Files / Folders: ¤¤¤

     ¤¤¤ Driver : [NOT LOADED] ¤¤¤

     ¤¤¤ Infection : Rans.Gendarm ¤¤¤

     ¤¤¤ HOSTS File: ¤¤¤
     --> C:\Windows\system32\drivers\etc\hosts

     ¤¤¤ MBR Check: ¤¤¤

     +++++ PhysicalDrive0: ST9320423AS +++++
     --- User ---
     [MBR] a0410f327cd56d1a41ef7c600c92c810
     [bSP] 7c49e46d72fd890fea0ca11df6b6d830 : Windows Vista MBR Code
     Partition table:
     0 - [XXXXXX] FAT16 (0x06) [VISIBLE] Offset (sectors): 63 | Size: 39 Mo
     1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 81920 | Size: 15000 Mo
     2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 30801920 | Size: 290204 Mo
     User = LL1 ... OK!
     User = LL2 ... OK!

     Finished : << RKreport[1].txt >>
     RKreport[1].txt

     Thank you in advance