Jump to content

alewin

Members
 View Profile  See their activity

  • Posts

    3

  • Joined

  • Last visited

Reputation

0 Neutral
  1. alewin
    RKreport_SCN_09042014_200526.log FRST.txt Addition.txt
  2. alewin
    RogueKiller V9.2.9.0 (x64) [Jul 11 2014] by Adlice Software mail : http://www.adlice.com/contact/ Feedback : http://forum.adlice.com Website : https://www.adlice.com/softwares/roguekiller/ Blog : http://www.adlice.com Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version Started in : Normal mode User : **** [Admin rights] Mode : Scan -- Date : 09/04/2014 20:05:26 ¤¤¤ Bad processes : 3 ¤¤¤ [suspicious.Path] explorer.exe -- C:\ProgramData\Microsoft\Crypto\RSA64\CryptoProvider.dll[-] -> UNLOADED [suspicious.Path] explorer.exe -- C:\ProgramData\Microsoft\Crypto\RSA64\rsa64.dll[-] -> UNLOADED [suspicious.Path] explorer.exe -- C:\Users\****\AppData\Local\Spoon\3.33.7.409\Spoon.Client.Shell64.dll[-] -> UNLOADED ¤¤¤ Registry Entries : 20 ¤¤¤ [PUM.Proxy] (X64) HKEY_USERS\S-1-5-21-853470554-1097741747-2768350736-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : 103.11.116.46:80 -> FOUND [PUM.Proxy] (X86) HKEY_USERS\S-1-5-21-853470554-1097741747-2768350736-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : 103.11.116.46:80 -> FOUND [PUM.Policies] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableRegistryTools : 0 -> FOUND [PUM.Policies] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableRegistryTools : 0 -> FOUND [PUM.StartMenu] (X64) HKEY_USERS\S-1-5-21-853470554-1097741747-2768350736-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyGames : 0 -> FOUND [PUM.StartMenu] (X86) HKEY_USERS\S-1-5-21-853470554-1097741747-2768350736-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyGames : 0 -> FOUND [PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> FOUND [PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> FOUND [PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> FOUND [PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> FOUND [PUM.HomePage] (X64) HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome -> FOUND [PUM.HomePage] (X86) HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome -> FOUND [PUM.HomePage] (X64) HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome -> FOUND [PUM.HomePage] (X86) HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome -> FOUND [PUM.SearchPage] (X64) HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main | Search Page : http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> FOUND [PUM.SearchPage] (X86) HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main | Search Page : http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> FOUND [PUM.SearchPage] (X64) HKEY_USERS\S-1-5-21-853470554-1097741747-2768350736-1001\Software\Microsoft\Internet Explorer\Main | Search Page : http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> FOUND [PUM.SearchPage] (X86) HKEY_USERS\S-1-5-21-853470554-1097741747-2768350736-1001\Software\Microsoft\Internet Explorer\Main | Search Page : http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> FOUND [PUM.SearchPage] (X64) HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main | Search Page : http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> FOUND [PUM.SearchPage] (X86) HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main | Search Page : http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> FOUND ¤¤¤ Scheduled tasks : 0 ¤¤¤ ¤¤¤ Files : 0 ¤¤¤ ¤¤¤ HOSTS File : 1 ¤¤¤ [C:\Windows\System32\drivers\etc\hosts] 127.0.0.1 localhost ¤¤¤ Antirootkit : 0 (Driver: LOADED) ¤¤¤ ¤¤¤ Web browsers : 0 ¤¤¤ ¤¤¤ MBR Check : ¤¤¤ +++++ PhysicalDrive0: WDC WD3200BEVT-35ZCT0 ATA Device +++++ --- User --- [MBR] 2a77ff3afde5edd653ebc44eaf212374 [bSP] 1b66cfe1ef848063193276ce984fbc66 : Windows Vista/7/8 MBR Code Partition table: 0 - [XXXXXX] LINUX-SWP (0x42) [VISIBLE] Offset (sectors): 63 | Size: 0 MB 1 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 10240 MB 2 - [XXXXXX] LINUX-SWP (0x42) [VISIBLE] Offset (sectors): 20973568 | Size: 148527 MB 3 - [ACTIVE] LINUX-SWP (0x42) [VISIBLE] Offset (sectors): 325156864 | Size: 146476 MB User = LL1 ... OK User = LL2 ... OK Addition.txt FRST.txt RKreport_SCN_09042014_200526.log
  3. alewin
    How I can delate the virus on explorer.exe.. Avira scan 0 result of virus MalwareBytes 0 result of virus
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.