Haven't been online here since the post
"Fake svchost.exe trojan created in windows temp folder, xxx.tmp/svchost.exe connects to Russian URL 18.104.22.168"
And the only solution elise025
came throw in the end was a quick re-format
But since i used my usb pendrive and took files over from my computer to my dads which had this Rootkit problem
it might have been corrupted or something so im asking you all after read my problem to analyze my Registry
Every time i try shutting down computer with Start -> shut down my explorer.exe crashes
Only first time i press the button, and the "Data execution prevention"
(close message) Windows Explorer - Microsoft corporation
I looked into the Event viewer and it was the Winlogon service or something: Message: The shell stopped unexpectedly and %1 was restarted
Explanation: the shell was stopped and then restarted.
By default, the shell is explorer.exe; however, you might have a customized shell
source : winlogon
I have checked with following scanners for viruses and modified mbr
Does anyone haved the same problem, or could help me? thanks on forehand