Topic: Help with log (Read 5331 times)

September 06, 2017, 03:56:01 AM

Timm129

Hi all,
I've had this virus since Sept 2nd. I've tried several programs and not one, even RogueKiller, can get rid of this one. I select all and then hit remove selected but it comes back immediately. After deleting the entries all lines say killed except the first line under registry:RUN. It says error [5]. The virus seems to block some .exe programs and give me the blue screen once in a while. Please help ...



RogueKiller V12.11.13.0 (x64) [Sep  4 2017] (Free) by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : https://forum.adlice.com
Website : http://www.adlice.com/download/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Timm129 [Administrator]
Started from : C:\Program Files\RogueKiller\RogueKiller64.exe
Mode : Scan -- Date : 09/05/2017 19:52:31 (Duration : 00:55:27)

¤¤¤ Processes : 5 ¤¤¤
[VT.TrojanProxy:Win32/Wonknod.A] unixfjd.exe(2356) -- C:\Users\Timm129\AppData\Local\unixfjd\unixfjd.exe[-] -> Found
[VT.Adware.Yelloader] utcuini.exe(3788) -- C:\Users\Timm129\AppData\Local\unixfjd\utcuini.exe[-] -> Found
[VT.Adware.Yelloader] utcuini.exe(3924) -- C:\Users\Timm129\AppData\Local\unixfjd\utcuini.exe[-] -> Found
[VT.Adware.Yelloader] utcuini.exe(3636) -- C:\Users\Timm129\AppData\Local\unixfjd\utcuini.exe[-] -> Found
[VT.Adware.Yelloader] utcuini.exe(5672) -- C:\Users\Timm129\AppData\Local\unixfjd\utcuini.exe[-] -> Found

¤¤¤ Registry : 3 ¤¤¤
[VT.TrojanProxy:Win32/Wonknod.A] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run | unixfjd : "C:\Users\Timm129\AppData\Local\unixfjd\unixfjd.exe" -starup [-] -> Found
[PUM.Proxy] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NlaSvc\Parameters\Internet\ManualProxies | (default) :   -> Found
[PUM.Proxy] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\NlaSvc\Parameters\Internet\ManualProxies | (default) :   -> Found

¤¤¤ Tasks : 0 ¤¤¤

¤¤¤ Files : 2 ¤¤¤
[PUP.Gen1][Folder] C:\Users\Timm129\AppData\Local\regtool -> Found
[Tr.GameAssist][Folder] C:\Program Files (x86)\Company\GameAsist -> Found

¤¤¤ WMI : 0 ¤¤¤

¤¤¤ Hosts File : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Loaded) ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: ST31000524AS ATA Device +++++
--- User ---
[MBR] 6a995915d1e1b3446e7f1d99047829a5
[BSP] 3c6943f7aa496a9511a646613b9069bb : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 953767 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK
« Last Edit: September 06, 2017, 04:08:56 AM by Timm129 »

Reply #1 - September 07, 2017, 03:23:33 PM

Curson

Hi Timm129,

Welcome to Adlice.com Forum.
Please follow the instructions in shadowwar's post and attach the MBAR log with your next reply.

Regards.

Note: This thread has been moved to the "Malware removal help" section for clarity.