Author Topic: help needed  (Read 448 times)

February 28, 2017, 05:19:06 pm

lilladybug68

Hi there!

My laptop is not very old and I never had a problem with it until about 2 weeks ago.
I don't know much about computers. The last thing I did before it started to slow down and stop responding sometimes (mainly when I want to look at my photos) was to add a few more photos to it (my disk is still half empty).
So I first thought I got a virus in my photos, but I did an analysis with Windows Defender and Avast and nothing was found.

I looked on the internet and found RogueKiller. I did an analysis and 19 threats were found.
But I don't know which ones are real threats and which aren't, so I don't know how and which ones I should delete.

If someone can help me that would be great.

Here's the result:

RogueKiller V12.9.9.0 (x64) [Feb 27 2017] (Gratuit) par Adlice Software
email : http://www.adlice.com/contact/
Remontées : http://forum.adlice.com
Site web : http://www.adlice.com/fr/download/roguekiller/
Blog : http://www.adlice.com

Système d'exploitation : Windows 10 (10.0.14393) 64 bits version
Démarré en  : Mode normal
Utilisateur : Christine [Administrateur]
Démarré depuis : C:\Program Files\RogueKiller\RogueKiller64.exe
Mode : Scan -- Date : 02/28/2017 16:20:50 (Durée : 00:36:56)

¤¤¤ Processus : 0 ¤¤¤

¤¤¤ Registre : 12 ¤¤¤
[PUP.Gen0] (X64) HKEY_CLASSES_ROOT\CLSID\{BAC72C85-CEC6-4B86-AF06-FA20C259FAB8} (C:\Program Files (x86)\Amazon\Amazon1ButtonApp\Amazon1ButtonBrowserHelper64.dll) -> Trouvé(e)
[PUP.Gen0] (X64) HKEY_CLASSES_ROOT\CLSID\{BD6ECB00-7C4A-4F97-B425-44117F2A7AAE} (C:\Program Files (x86)\Amazon\Amazon1ButtonApp\AmazonAppIE64.dll) -> Trouvé(e)
[PUP.Gen1] (X64) HKEY_CLASSES_ROOT\CLSID\{E4ADC61E-D06A-4E0E-8582-78C809CC8450} (C:\Program Files (x86)\Amazon\Amazon1ButtonApp\AmazonAppIE64.dll) -> Trouvé(e)
[PUP.Gen1] (X64) HKEY_USERS\S-1-5-21-264671538-486966525-2635124330-1001\Software\Host App Service -> Trouvé(e)
[PUP.Gen1] (X86) HKEY_USERS\S-1-5-21-264671538-486966525-2635124330-1001\Software\Host App Service -> Trouvé(e)
[PUP.Gen1] (X64) HKEY_USERS\S-1-5-21-264671538-486966525-2635124330-1001\Software\Microsoft\Windows\CurrentVersion\Uninstall\Host App Service -> Trouvé(e)
[PUP.Gen1] (X86) HKEY_USERS\S-1-5-21-264671538-486966525-2635124330-1001\Software\Microsoft\Windows\CurrentVersion\Uninstall\Host App Service -> Trouvé(e)
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-264671538-486966525-2635124330-1001\Software\Microsoft\Internet Explorer\Main | Start Page : http://acer15.msn.com/?pc=ACTE  -> Trouvé(e)
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-264671538-486966525-2635124330-1001\Software\Microsoft\Internet Explorer\Main | Start Page : http://acer15.msn.com/?pc=ACTE  -> Trouvé(e)
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-264671538-486966525-2635124330-1001\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : http://acer15.msn.com/?pc=ACTE  -> Trouvé(e)
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-264671538-486966525-2635124330-1001\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : http://acer15.msn.com/?pc=ACTE  -> Trouvé(e)
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{e25c0b01-a6d7-4cad-8411-0b1114aff58f} | DhcpNameServer : 192.17.128.24 ([United States])  -> Trouvé(e)

¤¤¤ Tâches : 0 ¤¤¤

¤¤¤ Fichiers : 7 ¤¤¤
[PUP.Gen1][Répertoire] C:\ProgramData\DriverSetupUtility -> Trouvé(e)
[PUP.Gen1][Répertoire] C:\Users\Christine\AppData\Local\Host App Service -> Trouvé(e)
[PUP.Gen1][Répertoire] C:\ProgramData\DriverSetupUtility -> Trouvé(e)
[PUP.Gen1][Fichier] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\App Explorer.lnk [LNK@] C:\Users\CHRIST~1\AppData\Local\HOSTAP~1\Engine\HOSTAP~1.EXE  /OPEN"4efc125e5bdfe64bf86cc73a85a9d56ebf10231c" -> Trouvé(e)
[PUP.Gen1][Répertoire] C:\Program Files\Booking.COM -> Trouvé(e)
[PUP.Gen1][Répertoire] C:\Program Files\DriverSetupUtility -> Trouvé(e)
[PUP.Gen1][Fichier] C:\Users\Default\Desktop\App Explorer.lnk [LNK@] C:\Users\CHRIST~1\AppData\Local\HOSTAP~1\Engine\HOSTAP~1.EXE  /OPEN"4efc125e5bdfe64bf86cc73a85a9d56ebf10231c" -> Trouvé(e)

¤¤¤ WMI : 0 ¤¤¤

¤¤¤ Fichier Hosts : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Chargé) ¤¤¤

¤¤¤ Navigateurs web : 0 ¤¤¤

¤¤¤ Vérification MBR : ¤¤¤
+++++ PhysicalDrive0: TOSHIBA MQ02ABF050H +++++
--- User ---
[MBR] bbf8e1fe9e650835f832906360597174
[BSP] 4a9ac9310c8f569d8519af81a8955df9 : Empty|VT.Unknown MBR Code
Partition table:
0 - [MAN-MOUNT] EFI system partition | Offset (sectors): 2048 | Size: 100 MB
1 - [MAN-MOUNT] Microsoft reserved partition | Offset (sectors): 206848 | Size: 16 MB
2 - Basic data partition | Offset (sectors): 239616 | Size: 476323 MB
3 - [SYSTEM][MAN-MOUNT] Basic data partition | Offset (sectors): 975749120 | Size: 500 MB
User = LL1 ... OK
User = LL2 ... OK




Thank you very much!

Reply #1, March 01, 2017, 02:46:46 pm

Curson

Hi Christine,

Welcome to the Adlice.com forum.
Your computer is indeed infected by some adware.

Please select all the [PUP] entries for deletion and then attach the RogueKiller deletion report with your next reply.
How is the system running now?

Regards.