Author Topic: PLEASE ANALYZE THIS REPORT  (Read 5000 times)

July 03, 2014, 12:55:04 PM

gavias

  • Guest
Can you please analyze the report in this link:

http://we.tl/rdvWoLlgwZ


THANK YOU

Reply #1 July 07, 2014, 08:10:56 AM

Tigzy

  • Administrator
  • Owner, Adlice Software
Quote
RogueKiller V9.1.0.0 [Jun 23 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Started in : Normal mode
User : xxxxxxx [Admin rights]
Mode : Scan -- Date : 07/03/2014  11:16:13

¤¤¤ Bad processes : 1 ¤¤¤
[Suspicious.Path] MXOALDR.EXE -- C:\WINDOWS\MXOALDR.EXE[7] -> KILLED [TermProc]

¤¤¤ Registry Entries : 2 ¤¤¤
[Suspicious.Path] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run | MXOBG : C:\WINDOWS\MXOALDR.EXE  -> FOUND
[PUM.DesktopIcons] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1  -> FOUND

¤¤¤ Scheduled tasks : 0 ¤¤¤

¤¤¤ Files : 0 ¤¤¤

¤¤¤ HOSTS File : 4 ¤¤¤
[C:\WINDOWS\System32\drivers\etc\hosts] 127.0.0.1       localhost
[C:\WINDOWS\System32\drivers\etc\hosts]        mailinglistmaster.com
[C:\WINDOWS\System32\drivers\etc\hosts]        www.mailinglistmaster.com
[C:\WINDOWS\System32\drivers\etc\hosts]    

¤¤¤ Antirootkit : 500 ¤¤¤
[EAT:Addr] (explorer.exe) PDFShell.dll - DllCanUnloadNow : C:\Program Files\LibreOffice 4\program\shlxthdl\shlxthdl.dll @ 0x37fe6f0
[EAT:Addr] (explorer.exe) PDFShell.dll - DllGetClassObject : C:\Program Files\LibreOffice 4\program\shlxthdl\shlxthdl.dll @ 0x37fe5d0
[EAT:Addr] (explorer.exe) PDFShell.dll - DllRegisterServer : C:\Program Files\LibreOffice 4\program\shlxthdl\shlxthdl.dll @ 0x38008e0
[EAT:Addr] (explorer.exe) PDFShell.dll - DllUnregisterServer : C:\Program Files\LibreOffice 4\program\shlxthdl\shlxthdl.dll @ 0x3800d40
[EAT:Addr] (firefox.exe) xul.dll - Ebml_EndSubElement : C:\Program Files\Mozilla Firefox\gkmedias.dll @ 0x1410601
...
[EAT:Addr] (firefox.exe) xul.dll - writeVideoTrack : C:\Program Files\Mozilla Firefox\gkmedias.dll @ 0x1410946
[EAT:Addr] (firefox.exe) ShellExtensionU.dll - DllCanUnloadNow : C:\Program Files\LibreOffice 4\program\shlxthdl\shlxthdl.dll @ 0xae5e6f0
[EAT:Addr] (firefox.exe) ShellExtensionU.dll - DllGetClassObject : C:\Program Files\LibreOffice 4\program\shlxthdl\shlxthdl.dll @ 0xae5e5d0
[EAT:Addr] (firefox.exe) ShellExtensionU.dll - DllRegisterServer : C:\Program Files\LibreOffice 4\program\shlxthdl\shlxthdl.dll @ 0xae608e0
[EAT:Addr] (firefox.exe) ShellExtensionU.dll - DllUnregisterServer : C:\Program Files\LibreOffice 4\program\shlxthdl\shlxthdl.dll @ 0xae60d40

¤¤¤ Web browsers : 0 ¤¤¤


Reply #2 July 07, 2014, 08:11:34 AM

Tigzy

Thanks, we'll add MXOALDR to the whitelist
As well as shlxthdl and gkmedias DLLs