RK.txt

a guest
May 26th, 2015
  1. RogueKiller V10.7.0.0 (x64) [May 25 2015] by Adlice Software
  2. mail : http://www.adlice.com/contact/
  3. Feedback : http://forum.adlice.com
  4. Website : http://www.adlice.com/softwares/roguekiller/
  5. Blog : http://www.adlice.com
  6.  
  7. Operating System : Windows Vista (6.0.6002 Service Pack 2) 64 bits version
  8. Started in : Normal mode
  9. User : sandra [Administrator]
  10. Started from : C:\Users\sandra\Pictures\RogueKillerX64.exe
  11. Mode : Scan -- Date : 05/26/2015 20:39:49
  12.  
  13. ¤¤¤ Processes : 0 ¤¤¤
  14.  
  15. ¤¤¤ Registry : 41 ¤¤¤
  16. [PUP] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670} -> Found
  17. [PUM.Orphan] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> Found
  18. [PUM.Orphan] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B} -> Found
  19. [PUM.Orphan] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CC59E0F9-7E43-44FA-9FAA-8377850BF205} -> Found
  20. [PUP] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440} -> Found
  21. [PUM.Orphan] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> Found
  22. [PUP] (X86) HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar | {EF99BD32-C1FB-11D2-892F-0090271D4F88} : -> Found
  23. [PUP] (X86) HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar | {CCC7A320-B3CA-4199-B1A6-9F516DD69829} : AVG Security Toolbar -> Found
  24. [PUP] (X86) HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar | {D4027C7F-154A-4066-A1AD-4243D8127440} : -> Found
  25. [PUM.Orphan] (X64) HKEY_USERS\S-1-5-21-3416489443-1810059255-3248933083-1000\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser | {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} : -> Found
  26. [PUP] (X64) HKEY_USERS\S-1-5-21-3416489443-1810059255-3248933083-1000\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser | {CCC7A320-B3CA-4199-B1A6-9F516DD69829} : -> Found
  27. [PUM.Orphan] (X64) HKEY_USERS\S-1-5-21-3416489443-1810059255-3248933083-1000\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser | {21FA44EF-376D-4D53-9B0F-8A89D3229068} : -> Found
  28. [PUP] (X64) HKEY_USERS\S-1-5-21-3416489443-1810059255-3248933083-1000\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser | {D4027C7F-154A-4066-A1AD-4243D8127440} : -> Found
  29. [PUM.Orphan] (X86) HKEY_USERS\S-1-5-21-3416489443-1810059255-3248933083-1000\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser | {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} : -> Found
  30. [PUP] (X86) HKEY_USERS\S-1-5-21-3416489443-1810059255-3248933083-1000\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser | {CCC7A320-B3CA-4199-B1A6-9F516DD69829} : -> Found
  31. [PUM.Orphan] (X86) HKEY_USERS\S-1-5-21-3416489443-1810059255-3248933083-1000\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser | {21FA44EF-376D-4D53-9B0F-8A89D3229068} : -> Found
  32. [PUP] (X86) HKEY_USERS\S-1-5-21-3416489443-1810059255-3248933083-1000\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser | {D4027C7F-154A-4066-A1AD-4243D8127440} : -> Found
  33. [ZeroAccess] (X64) HKEY_USERS\S-1-5-21-3416489443-1810059255-3248933083-1000\Software\Microsoft\Windows\CurrentVersion\Run | Google Update|?❤ : "C:\Users\sandra\AppData\Local\Google\Desktop\Install\{b0d74a00-1d3c-4cf0-6e8e-067ba322f673}\❤≸⋙\Ⱒ☠⍨\?ﯹ๛\{b0d74a00-1d3c-4cf0-6e8e-067ba322f673}\GoogleUpdate.exe" > [x][x] -> Found
  34. [ZeroAccess] (X86) HKEY_USERS\S-1-5-21-3416489443-1810059255-3248933083-1000\Software\Microsoft\Windows\CurrentVersion\Run | Google Update|?❤ : "C:\Users\sandra\AppData\Local\Google\Desktop\Install\{b0d74a00-1d3c-4cf0-6e8e-067ba322f673}\❤≸⋙\Ⱒ☠⍨\?ﯹ๛\{b0d74a00-1d3c-4cf0-6e8e-067ba322f673}\GoogleUpdate.exe" > [x][x] -> Found
  35. [Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\ldr (C:\ProgramData\rkcl\ldr.exe) -> Found
  36. [Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ldr (C:\ProgramData\rkcl\ldr.exe) -> Found
  37. [Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\ldr (C:\ProgramData\rkcl\ldr.exe) -> Found
  38. [PUM.HomePage] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main | Start Page : http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=91&bd=bestbuy&pf=cndt -> Found
  39. [PUM.HomePage] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main | Start Page : http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=91&bd=bestbuy&pf=cndt -> Found
  40. [PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-3416489443-1810059255-3248933083-1000\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.bing.com/?pc=cosp&ptag=A477141CA2B3149FD85F&form=CONMHP&conlogo=CT3210127 -> Found
  41. [PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-3416489443-1810059255-3248933083-1000\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.bing.com/?pc=cosp&ptag=A477141CA2B3149FD85F&form=CONMHP&conlogo=CT3210127 -> Found
  42. [PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-3416489443-1810059255-3248933083-1004\Software\Microsoft\Internet Explorer\Main | Start Page : http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=91&bd=bestbuy&pf=cndt -> Found
  43. [PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-3416489443-1810059255-3248933083-1004\Software\Microsoft\Internet Explorer\Main | Start Page : http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=91&bd=bestbuy&pf=cndt -> Found
  44. [PUM.HomePage] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=91&bd=bestbuy&pf=cndt -> Found
  45. [PUM.HomePage] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=91&bd=bestbuy&pf=cndt -> Found
  46. [PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-3416489443-1810059255-3248933083-1000\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=91&bd=bestbuy&pf=cndt -> Found
  47. [PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-3416489443-1810059255-3248933083-1000\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=91&bd=bestbuy&pf=cndt -> Found
  48. [PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-3416489443-1810059255-3248933083-1004\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=91&bd=bestbuy&pf=cndt -> Found
  49. [PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-3416489443-1810059255-3248933083-1004\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=91&bd=bestbuy&pf=cndt -> Found
  50. [PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{19BD688D-CB7F-426C-B58F-B737F4E05D57} | DhcpNameServer : 172.18.7.170 [(Private Address) (XX)] -> Found
  51. [PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{19BD688D-CB7F-426C-B58F-B737F4E05D57} | DhcpNameServer : 172.18.7.170 [(Private Address) (XX)] -> Found
  52. [PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{19BD688D-CB7F-426C-B58F-B737F4E05D57} | DhcpNameServer : 172.18.7.170 [(Private Address) (XX)] -> Found
  53. [PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Found
  54. [PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> Found
  55. [PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Found
  56. [PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> Found
  57.  
  58. ¤¤¤ Tasks : 0 ¤¤¤
  59.  
  60. ¤¤¤ Files : 1 ¤¤¤
  61. [ZeroAccess][Folder] Install -- C:\Users\sandra\AppData\Local\Google\Desktop\Install -> Found
  62.  
  63. ¤¤¤ Hosts File : 2 ¤¤¤
  64. [C:\Windows\System32\drivers\etc\hosts] 127.0.0.1 localhost
  65. [C:\Windows\System32\drivers\etc\hosts] ::1 localhost
  66.  
  67. ¤¤¤ Antirootkit : 0 (Driver: Loaded) ¤¤¤
  68.  
  69. ¤¤¤ Web browsers : 0 ¤¤¤
  70.  
  71. ¤¤¤ MBR Check : ¤¤¤
  72. +++++ PhysicalDrive0: AMD 1+0 RAID Ready SCSI Disk Device +++++
  73. --- User ---
  74. [MBR] b85fb6104e84595d9a7ed4f863636d83
  75. [BSP] 309fdfd200901d3359dd1e035123a213 : HP MBR Code
  76. Partition table:
  77. 0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 63 | Size: 701235 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
  78. 2 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 1436130675 | Size: 14017 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
  79. User = LL1 ... OK
  80. Error reading LL2 MBR! ([1] Incorrect function. )
  81.  
  82. +++++ PhysicalDrive1: Generic- Compact Flash USB Device +++++
  83. Error reading User MBR! ([15] The device is not ready. )
  84. Error reading LL1 MBR! NOT VALID!
  85. Error reading LL2 MBR! ([32] The request is not supported. )
  86.  
  87. +++++ PhysicalDrive2: Generic- SM/xD-Picture USB Device +++++
  88. Error reading User MBR! ([15] The device is not ready. )
  89. Error reading LL1 MBR! NOT VALID!
  90. Error reading LL2 MBR! ([32] The request is not supported. )
  91.  
  92. +++++ PhysicalDrive3: Generic- SD/MMC USB Device +++++
  93. Error reading User MBR! ([15] The device is not ready. )
  94. Error reading LL1 MBR! NOT VALID!
  95. Error reading LL2 MBR! ([32] The request is not supported. )
  96.  
  97. +++++ PhysicalDrive4: Generic- MS/MS-Pro USB Device +++++
  98. Error reading User MBR! ([15] The device is not ready. )
  99. Error reading LL1 MBR! NOT VALID!
  100. Error reading LL2 MBR! ([32] The request is not supported. )