Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Am i infected?


  • This topic is locked This topic is locked
1 reply to this topic

#1 diaz209

diaz209

  • Members
  • 28 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Jamaica
  • Local time:04:12 AM

Posted 05 May 2013 - 06:54 AM

here is the rogue killer log, 

 

 

 

RogueKiller V8.5.4 [Mar 18 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
 
Operating System : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Started in : Normal mode
User : PatricK [Admin rights]
Mode : Scan -- Date : 05/05/2013 06:21:57
| ARK || FAK || MBR |
 
¤¤¤ Bad processes : 0 ¤¤¤
 
¤¤¤ Registry Entries : 2 ¤¤¤
[HJ DESK] HKCU\[...]\ClassicStartMenu : {59031A47-3F72-44A7-89C5-5595FE6B30EE} (1) -> FOUND
[HJ DESK] HKCU\[...]\NewStartPanel : {59031A47-3F72-44A7-89C5-5595FE6B30EE} (1) -> FOUND
 
¤¤¤ Particular Files / Folders: ¤¤¤
 
¤¤¤ Driver : [LOADED] ¤¤¤
_INLINE_ : NtTraceEvent -> HOOKED (Unknown @ 0x92B38C00)
 
¤¤¤ HOSTS File: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts
 
127.0.0.1       localhost
 
 
¤¤¤ MBR Check: ¤¤¤
 
+++++ PhysicalDrive0: WDC WD5000AADS-67S9B1 ATA Device +++++
--- User ---
[MBR] 5985724ba892a5726b4ce24e2f48fbe8
[BSP] eb11fb66582f439466a24426dcc02753 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 76217 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 156299264 | Size: 400620 Mo
User = LL1 ... OK!
User = LL2 ... OK!
 
Finished : << RKreport[1]_S_05052013_02d0621.txt >>
RKreport[1]_S_05052013_02d0621.txt
 
 
 

im worried about the nttraceevent in the log , is it a backdoor?


Edited by bloopie, 05 May 2013 - 02:01 PM.
Moved back to MRL forum, no edit. ~bloopie


BC AdBot (Login to Remove)

 


#2 hamluis

hamluis

    Moderator


  • Moderator
  • 55,384 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:03:12 AM

Posted 07 May 2013 - 09:25 AM

http://www.bleepingcomputer.com/forums/index.php?&app=core&module=reports&do=show_report&rid=10530

 

Topic closed per OP request.

 

Louis






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users