Adlice forum
Software feedback => RogueKiller => Topic started by: mandarinaduck on January 19, 2015, 11:15:01 PM
-
Hello i'm Mandarinaduck from France.
Could i expect some help from here?
I've just scan my laptop computeur with RogueKiller and
i would like to know if someone can tell me what to do exactly with
the report.
Thanks for your help.
-
Hi Mandarina,
Welcome to Adlice.com Forum.
Are you using a WEB Proxy ?
Please follow the following process as close as possible.
1. Process Dump
- Download Process Explorer (http://live.sysinternals.com/procexp.exe) and save it to your desktop.
- Click on the setup file (procexp.exe) and select Run as Administrator to start the tool.
- Locate the process named chrome.exe, right click select Create Dump > Create Full Dump...
- Save the dump on your desktop, compress it and upload it on Google Drive/Dropbox.
- Share the link in your next reply.
2. Network Check
- Download TCPView (http://live.sysinternals.com/Tcpview.exe), then open it.
- Locate the column "Local Port" and copy/paste the line that has the value 65201 (you can sort the column) in your next reply.
Regards.
-
Dear Curson,
Thanks to help me!!
Are you using a WEB Proxy
I don't know what you mean.
I have an internet box that's what i can say.
1/ Please receive the dump you asked for.
https://drive.google.com/file/d/0B3624ge3BIXaOXJsSEhSSjI4MEk/view?usp=sharing
2/ No line has the value 65201
Regards
-
Hi Mandarina,
A WEB proxy is a server that acts as an intermediary for requests from clients seeking resources from other servers.
Some malwares will redirect requests to a proxy that will make redirects to adsites, for exemple.
Please restart RogueKiller and remove the following entries :
[PUM.Proxy] (X64) HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyEnable : 1
[PUM.Proxy] (X86) HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyEnable : 1
[PUM.Proxy] (X64) HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyEnable : 1
[PUM.Proxy] (X86) HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyEnable : 1
[PUM.Proxy] (X64) HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : http=127.0.0.1:65201;https=127.0.0.1:65201
[PUM.Proxy] (X86) HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : http=127.0.0.1:65201;https=127.0.0.1:65201
[PUM.Proxy] (X64) HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : http=127.0.0.1:65201;https=127.0.0.1:65201
[PUM.Proxy] (X86) HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : http=127.0.0.1:65201;https=127.0.0.1:65201
Please post the report obtained in your next reply.
Regards.
-
Hello,
Please find the new report.
https://drive.google.com/file/d/0B3624ge3BIXaOUxKdEhjNDFmam8/view?usp=sharing (ftp://drive.google.com/file/d/0B3624ge3BIXaOUxKdEhjNDFmam8/view?usp=sharing)
-
Report Attached
-
Hi Mandarina,
The computer seems clean.
Do you still need help ?
If you have any questions, feel free to ask.
Regards.
-
Ok thanks! That's good news.
I'll be back if i need.
Regards.
-
Hi mandarina,
You are welcome.
Regards.