Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- RogueKiller V8.7.4 [Oct 16 2013] by Tigzy
- mail : tigzyRK<at>gmail<dot>com
- Feedback : http://www.adlice.com/forum/
- Website : http://www.adlice.com/softwares/roguekiller/
- Blog : http://tigzyrk.blogspot.com/
- Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
- Started in : Normal mode
- User : Caleb's Computer [Admin rights]
- Mode : Scan -- Date : 10/17/2013 20:21:41
- | ARK || FAK || MBR |
- ¤¤¤ Bad processes : 0 ¤¤¤
- ¤¤¤ Registry Entries : 10 ¤¤¤
- [RUN][ZeroAccess] HKUS\.DEFAULT\[...]\Run : Google Update ("C:\Windows\system32\config\systemprofile\AppData\Local\Google\Desktop\Install\{510e5f06-3f78-7a78-850f-f1ce9435bd1e}\?��?��?��\?��?��?��\???ﯹ๛\{510e5f06-3f78-7a78-850f-f1ce9435bd1e}\GoogleUpdate.exe" >) -> FOUND
- [RUN][ZeroAccess] HKUS\S-1-5-18\[...]\Run : Google Update ("C:\Windows\system32\config\systemprofile\AppData\Local\Google\Desktop\Install\{510e5f06-3f78-7a78-850f-f1ce9435bd1e}\?��?��?��\?��?��?��\???ﯹ๛\{510e5f06-3f78-7a78-850f-f1ce9435bd1e}\GoogleUpdate.exe" >) -> FOUND
- [SHELL][SUSP PATH] HKCU\[...]\Winlogon : shell (C:\Users\Caleb's Computer\AppData\Roaming\dlc.xmm,explorer.exe [x][x][x]) -> FOUND
- [SHELL][SUSP PATH] HKUS\[...]\Winlogon : shell (C:\Users\Caleb's Computer\AppData\Roaming\dlc.xmm,explorer.exe [x][x][x]) -> FOUND
- [HJ POL][PUM] HKLM\[...]\System : DisableTaskMgr (0) -> FOUND
- [HJ POL][PUM] HKLM\[...]\System : DisableRegistryTools (0) -> FOUND
- [HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : DisableTaskMgr (0) -> FOUND
- [HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : DisableRegistryTools (0) -> FOUND
- [HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
- [HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
- ¤¤¤ Scheduled tasks : 0 ¤¤¤
- ¤¤¤ Startup Entries : 0 ¤¤¤
- ¤¤¤ Web browsers : 0 ¤¤¤
- ¤¤¤ Particular Files / Folders: ¤¤¤
- ¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤
- ¤¤¤ External Hives: ¤¤¤
- ¤¤¤ Infection : ZeroAccess ¤¤¤
- ¤¤¤ HOSTS File: ¤¤¤
- --> %SystemRoot%\System32\drivers\etc\hosts
- ¤¤¤ MBR Check: ¤¤¤
- +++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) (Standard disk drives) - WDC WD10EALX-229BA0 ATA Device +++++
- --- User ---
- [MBR] ddcf84195feb375c46a7653e9bca57ea
- [BSP] b7f1af624ca415852c3eb9ae77b37bea : Windows Vista MBR Code
- Partition table:
- 0 - [XXXXXX] FAT32 (0x1b) [HIDDEN!] Offset (sectors): 2048 | Size: 14524 Mo
- 1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 29747200 | Size: 939342 Mo
- User = LL1 ... OK!
- User = LL2 ... OK!
- Finished : << RKreport[0]_S_10172013_202141.txt >>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement