- RogueKiller V8.6.10 _x64_ [Sep 9 2013] by Tigzy
- mail : tigzyRK<at>gmail<dot>com
- Feedback : http://www.adlice.com/forum/
- Website : http://www.adlice.com/softwares/roguekiller/
- Blog : http://tigzyrk.blogspot.com/
- Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
- Started in : Normal mode
- User : Carrie [Admin rights]
- Mode : Scan -- Date : 09/10/2013 19:12:04
- | ARK || FAK || MBR |
- ¤¤¤ Bad processes : 0 ¤¤¤
- ¤¤¤ Registry Entries : 7 ¤¤¤
- [HJ POL] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> FOUND
- [HJ POL] HKLM\[...]\System : EnableLUA (0) -> FOUND
- [HJ POL] HKLM\[...]\Wow6432Node\[...]\System : ConsentPromptBehaviorAdmin (0) -> FOUND
- [HJ POL] HKLM\[...]\Wow6432Node\[...]\System : EnableLUA (0) -> FOUND
- [HJ SMENU] HKCU\[...]\Advanced : Start_ShowRun (0) -> FOUND
- [HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
- [HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
- ¤¤¤ Scheduled tasks : 15 ¤¤¤
- [V1][SUSP PATH] Arcadesafari.job : C:\Users\Carrie\AppData\Local\Arcadesafari\ArcadesafariUpdater.exe [7] -> FOUND
- [V1][SUSP PATH] AllmyappsUpdateTask.job : C:\Users\Carrie\AppData\Roaming\Allmyapps\AllmyappsUpdater.exe - check startup [7][x] -> FOUND
- [V2][SUSP PATH] AllmyappsUpdateTask : C:\Users\Carrie\AppData\Roaming\Allmyapps\AllmyappsUpdater.exe - check startup [7][x] -> FOUND
- [V2][SUSP PATH] Arcadesafari : C:\Users\Carrie\AppData\Local\Arcadesafari\ArcadesafariUpdater.exe [7] -> FOUND
- [V2][SUSP PATH] {077DF77B-3544-4BC4-851A-184819D868F2} : C:\Users\Carrie\Desktop\safe.exe [-] -> FOUND
- [V2][SUSP PATH] {0E8750C1-1D26-4E71-9C42-A85FCF43E0EF} : C:\Users\Carrie\Desktop\ie.exe [x] -> FOUND
- [V2][SUSP PATH] {14BAEAF4-9954-4703-93BA-8A328CDC7898} : C:\Users\Carrie\Desktop\ie.exe [x] -> FOUND
- [V2][SUSP PATH] {2D31A804-F9FF-4C63-AD61-7A26008A1C8E} : C:\Users\Carrie\Desktop\safe.exe [-] -> FOUND
- [V2][SUSP PATH] {5C944199-76A3-4989-B558-4926FA7D2E8B} : C:\Users\Carrie\Desktop\safe.exe [-] -> FOUND
- [V2][SUSP PATH] {781DA757-B430-43DE-9F6F-C2FC08BEA2FE} : C:\Users\Carrie\Desktop\ie.exe [x] -> FOUND
- [V2][SUSP PATH] {7EFDA9EA-9287-42ED-9A0D-9FD12E909264} : C:\Users\Carrie\Desktop\safe.exe [-] -> FOUND
- [V2][SUSP PATH] {8D2C11BA-8E55-4483-87B7-71CE7195A128} : C:\Users\Carrie\Desktop\safe.exe [-] -> FOUND
- [V2][SUSP PATH] {C3F5A4FC-0E7A-40DD-98BA-7782EAF94EBF} : C:\Users\Carrie\Desktop\ie.exe [x] -> FOUND
- [V2][SUSP PATH] {E90DEAF8-3137-44AA-9165-31B4CD3D2637} : C:\Users\Carrie\Desktop\safe.exe [-] -> FOUND
- [V2][SUSP PATH] {F226BD7F-F697-4C0C-BB59-3C661F80D2B2} : C:\Users\Carrie\Desktop\ie.exe [x] -> FOUND
- ¤¤¤ Startup Entries : 0 ¤¤¤
- ¤¤¤ Web browsers : 0 ¤¤¤
- ¤¤¤ Particular Files / Folders: ¤¤¤
- ¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤
- ¤¤¤ External Hives: ¤¤¤
- ¤¤¤ Infection : ¤¤¤
- ¤¤¤ HOSTS File: ¤¤¤
- --> %SystemRoot%\System32\drivers\etc\hosts
- [...]
- ¤¤¤ MBR Check: ¤¤¤
- +++++ PhysicalDrive0: TOSHIBA MK3265GSXN SATA Disk Device +++++
- --- User ---
- [MBR] ccf60736590eef2cfd6a7aa695256f66
- [BSP] 66145dbfca0f0410ab0749a594446f83 : Windows Vista MBR Code
- Partition table:
- 0 - [ACTIVE] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 1500 Mo
- 1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 3074048 | Size: 292137 Mo
- 2 - [XXXXXX] NTFS (0x17) [HIDDEN!] Offset (sectors): 601370624 | Size: 11607 Mo
- User = LL1 ... OK!
- User = LL2 ... OK!
- Finished : << RKreport[0]_S_09102013_191204.txt >>