davyatsea Posted February 15, 2013 ID:647317 Share Posted February 15, 2013 Hi there. I've looked at a previous post regarding trojan.backdoor.mrx This led me to download roguekiller. I have done this, not deleted any files and the report is attached below. Any advice would be greatly appreciated. Many thanks.RogueKiller V8.5.1 [Feb 12 2013] by Tigzymail : tigzyRK<at>gmail<dot>comFeedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/Website : http://tigzy.geekstogo.com/roguekiller.phpBlog : http://tigzyrk.blogspot.com/Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits versionStarted in : Normal modeUser : david_mcguire [Admin rights]Mode : Scan -- Date : 02/15/2013 10:54:05| ARK || FAK || MBR |¤¤¤ Bad processes : 0 ¤¤¤¤¤¤ Registry Entries : 10 ¤¤¤[HJPOL] HKCU\[...]\System : DisableTaskMgr (0) -> FOUND[HJPOL] HKCU\[...]\System : DisableRegistryTools (0) -> FOUND[HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> FOUND[HJPOL] HKLM\[...]\Wow6432Node\System : DisableRegistryTools (0) -> FOUND[HJ] HKLM\[...]\System : EnableLUA (0) -> FOUND[HJ] HKLM\[...]\Wow6432Node\System : EnableLUA (0) -> FOUND[HJ SMENU] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> FOUND[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND[sCREENSV][sUSP PATH] HKCU\[...]\Desktop (C:\Windows\SGS Dots.scr) [-] -> FOUND¤¤¤ Particular Files / Folders: ¤¤¤¤¤¤ Driver : [NOT LOADED] ¤¤¤¤¤¤ HOSTS File: ¤¤¤--> C:\Windows\system32\drivers\etc\hosts127.0.0.1 localhost¤¤¤ MBR Check: ¤¤¤+++++ PhysicalDrive0: HITACHI HTS723232A7A364 ATA Device +++++--- User ---[MBR] 14d5ebbc77e0e85f0b8f8938cc3e5e22[bSP] 8d2aca8a95ff776520a04aebf802748f : Windows 7/8 MBR CodePartition table:0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 305243 MoUser = LL1 ... OK!User = LL2 ... OK!Finished : << RKreport[1]_S_02152013_02d1054.txt >>RKreport[1]_S_02152013_02d1054.txtJust wondered what you thought. The previous post suggested that we report the findings to you but dont delete files. Link to post Share on other sites More sharing options...
MrCharlie Posted February 15, 2013 ID:647338 Share Posted February 15, 2013 Maybe a false positive:http://forums.malwar...howtopic=122666Can you post the log from Malwarebytes. MrC Link to post Share on other sites More sharing options...
Maurice Naggar Posted February 18, 2013 ID:648439 Share Posted February 18, 2013 Glad we could help. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread. Other members who need assistance please start your own topic in a new thread. Thanks! Link to post Share on other sites More sharing options...
Recommended Posts