Messages - BillParker

1
Malware removal help / Re: Root Keylogger
« on: December 30, 2014, 06:50:44 PM »
RogueKiller V10.1.1.0 (x64) [Dec 23 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Relax [Administrator]
Mode : Scan -- Date : 12/30/2014  11:17:01

¤¤¤ Processes : 0 ¤¤¤

¤¤¤ Registry : 6 ¤¤¤
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters | DhcpNameServer : 10.128.128.128  -> Found
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters | DhcpNameServer : 10.128.128.128  -> Found
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters | DhcpNameServer : 10.128.128.128  -> Found
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{0AAB602D-30F1-4657-931A-FD8197C3902F} | DhcpNameServer : 10.128.128.128  -> Found
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{0AAB602D-30F1-4657-931A-FD8197C3902F} | DhcpNameServer : 10.128.128.128  -> Found
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{0AAB602D-30F1-4657-931A-FD8197C3902F} | DhcpNameServer : 10.128.128.128  -> Found

¤¤¤ Tasks : 0 ¤¤¤

¤¤¤ Files : 0 ¤¤¤

¤¤¤ Hosts File : 0 ¤¤¤

¤¤¤ Antirootkit : 2 (Driver: Loaded) ¤¤¤
[Filter(Root.Keylogger)] \Driver\kbdclass @ \Device\KeyboardClass2 : \Driver\SynTP @ \Device\00000082 (\SystemRoot\system32\DRIVERS\FwLnk.sys)
[Filter(Root.Keylogger)] \Driver\kbdclass @ \Device\KeyboardClass0 : \Driver\SynTP @ \Device\00000070 (\SystemRoot\system32\DRIVERS\FwLnk.sys)

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: ST9500325AS +++++
--- User ---
[MBR] 29d01b0b9268ccf78551fec292f699cf
[BSP] c3795601d96ffaea385bdd3005be7ae0 : HP MBR Code
Partition table:
0 - [ACTIVE] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 1500 MB
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 3074048 | Size: 464879 MB
2 - [XXXXXX] NTFS (0x17) [HIDDEN!] Offset (sectors): 955146240 | Size: 10560 MB
User = LL1 ... OK
User = LL2 ... OK


============================================
RKreport_DEL_12272014_212034.log - RKreport_DEL_12302014_103749.log - RKreport_SCN_12272014_205329.log - RKreport_SCN_12302014_101920.log

2
Malware removal help / Re: Root Keylogger
« on: December 30, 2014, 06:49:30 PM »
How do I post it?

3
Malware removal help / Root Keylogger
« on: December 30, 2014, 06:41:14 PM »
Have run RogueKiller three times. Just ran it for the third time and under "Registry" it found 6 items, all type PUM.Dns. Under "AntiRootkit" it found several items that it highlighted green and two items it highlighted red. The two red items are listed under Detection as Filter: (Root.Keylogger). I have no idea how to proceed - what to do. Please help.

Can I simply "Restore" the computer to an earlier time to get rid of any malware/virus/keylogger/etc.?
