Show Posts
1
Malware removal help / pc super slow, found a couple things with roguek not sure what to do
« on: October 23, 2015, 12:02:40 AM »
heres the report - RogueKiller V10.11.2.0 [Oct 20 2015] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Website : http://www.adlice.com/software/roguekiller/
Blog : http://www.adlice.com
Operating System : Windows 10 (10.0.10240) 64 bits version
Started in : Normal mode
User : ASAR [Administrator]
Started from : C:\Users\ASAR\Downloads\RogueKiller.exe
Mode : Scan -- Date : 10/22/2015 14:48:27
¤¤¤ Processes : 0 ¤¤¤
¤¤¤ Registry : 2 ¤¤¤
[PUM.StartMenu] (X64) HKEY_USERS\S-1-5-21-624212089-3381747891-1274017755-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyGames : 0 -> Found
[PUM.StartMenu] (X86) HKEY_USERS\S-1-5-21-624212089-3381747891-1274017755-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyGames : 0 -> Found
¤¤¤ Tasks : 0 ¤¤¤
¤¤¤ Files : 0 ¤¤¤
¤¤¤ Hosts File : 1 ¤¤¤
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1 localhost
¤¤¤ Antirootkit : 0 (Driver: Not loaded [0xc000036b]) ¤¤¤
¤¤¤ Web browsers : 0 ¤¤¤
¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: Radeon R7 +++++
--- User ---
[MBR] bb0b6eac17eda14293831f42485469a4
[BSP] be871590f8085830da5823b64eedad27 : Windows Vista/7/8|VT.Unknown MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 227934 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
2 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 467015680 | Size: 450 MB
3 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 467937280 | Size: 450 MB
User = LL1 ... OK
User = LL2 ... OK
i ran rkill, then adwcleaner and after 360 total secrity and superantispyware and roguekiller. it found this hosts file and those two PUM ones in the registry. im nowhere near a computer expert so i come to you guys looking for answers. Also i should probably do this in safe mode but i havent yet so im gonna do that now..let me know if any of these should be deleted if you can. thanks
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Website : http://www.adlice.com/software/roguekiller/
Blog : http://www.adlice.com
Operating System : Windows 10 (10.0.10240) 64 bits version
Started in : Normal mode
User : ASAR [Administrator]
Started from : C:\Users\ASAR\Downloads\RogueKiller.exe
Mode : Scan -- Date : 10/22/2015 14:48:27
¤¤¤ Processes : 0 ¤¤¤
¤¤¤ Registry : 2 ¤¤¤
[PUM.StartMenu] (X64) HKEY_USERS\S-1-5-21-624212089-3381747891-1274017755-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyGames : 0 -> Found
[PUM.StartMenu] (X86) HKEY_USERS\S-1-5-21-624212089-3381747891-1274017755-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyGames : 0 -> Found
¤¤¤ Tasks : 0 ¤¤¤
¤¤¤ Files : 0 ¤¤¤
¤¤¤ Hosts File : 1 ¤¤¤
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1 localhost
¤¤¤ Antirootkit : 0 (Driver: Not loaded [0xc000036b]) ¤¤¤
¤¤¤ Web browsers : 0 ¤¤¤
¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: Radeon R7 +++++
--- User ---
[MBR] bb0b6eac17eda14293831f42485469a4
[BSP] be871590f8085830da5823b64eedad27 : Windows Vista/7/8|VT.Unknown MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 227934 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
2 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 467015680 | Size: 450 MB
3 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 467937280 | Size: 450 MB
User = LL1 ... OK
User = LL2 ... OK
i ran rkill, then adwcleaner and after 360 total secrity and superantispyware and roguekiller. it found this hosts file and those two PUM ones in the registry. im nowhere near a computer expert so i come to you guys looking for answers. Also i should probably do this in safe mode but i havent yet so im gonna do that now..let me know if any of these should be deleted if you can. thanks
