Rogue Killer report

a guest
Apr 6th, 2014
RogueKiller V8.8.15 _x64_ [Mar 27 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : DIM [Admin rights]
Mode : Scan -- Date : 04/06/2014 14:13:20
| ARK || FAK || MBR |

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 10 ¤¤¤
[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> FOUND
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> FOUND
[HJ POL][PUM] HKLM\[...]\System : DisableRegistryTools (0) -> FOUND
[HJ POL][PUM] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> FOUND
[HJ POL][PUM] HKLM\[...]\System : EnableLUA (0) -> FOUND
[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : DisableRegistryTools (0) -> FOUND
[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : ConsentPromptBehaviorAdmin (0) -> FOUND
[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : EnableLUA (0) -> FOUND
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Scheduled tasks : 0 ¤¤¤

¤¤¤ Startup Entries : 0 ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ Browser Addons : 1 ¤¤¤
[FF][PUP] vqa8eqyu.default-1359342836271 : Yahoo Toolbar

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤
[Address] EAT @explorer.exe (WlanAllocateMemory) : api-ms-win-downlevel-shlwapi-l2-1-0.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF12E8AC8)
[Address] EAT @explorer.exe (WlanCloseHandle) : api-ms-win-downlevel-shlwapi-l2-1-0.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF12E38A0)
[Address] EAT @explorer.exe (WlanConnect) : api-ms-win-downlevel-shlwapi-l2-1-0.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF12E5558)
[Address] EAT @explorer.exe (WlanDeleteProfile) : api-ms-win-downlevel-shlwapi-l2-1-0.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF12E6D10)
[Address] EAT @explorer.exe (WlanDisconnect) : api-ms-win-downlevel-shlwapi-l2-1-0.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF12E57E8)
[Address] EAT @explorer.exe (WlanEnumInterfaces) : api-ms-win-downlevel-shlwapi-l2-1-0.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF12E3A80)
[Address] EAT @explorer.exe (WlanExtractPsdIEDataList) : api-ms-win-downlevel-shlwapi-l2-1-0.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF12E8394)
[Address] EAT @explorer.exe (WlanFreeMemory) : api-ms-win-downlevel-shlwapi-l2-1-0.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF12EA5A0)
[Address] EAT @explorer.exe (WlanGetAvailableNetworkList) : api-ms-win-downlevel-shlwapi-l2-1-0.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF12E4F88)
[Address] EAT @explorer.exe (WlanGetFilterList) : api-ms-win-downlevel-shlwapi-l2-1-0.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF12E7F9C)
[Address] EAT @explorer.exe (WlanGetInterfaceCapability) : api-ms-win-downlevel-shlwapi-l2-1-0.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF12E4188)
[Address] EAT @explorer.exe (WlanGetNetworkBssList) : api-ms-win-downlevel-shlwapi-l2-1-0.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF12E5268)
[Address] EAT @explorer.exe (WlanGetProfile) : api-ms-win-downlevel-shlwapi-l2-1-0.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF12E6A20)
[Address] EAT @explorer.exe (WlanGetProfileCustomUserData) : api-ms-win-downlevel-shlwapi-l2-1-0.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF12E7B1C)
[Address] EAT @explorer.exe (WlanGetProfileList) : api-ms-win-downlevel-shlwapi-l2-1-0.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF12E7404)
[Address] EAT @explorer.exe (WlanGetSecuritySettings) : api-ms-win-downlevel-shlwapi-l2-1-0.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF12E8D88)
[Address] EAT @explorer.exe (WlanHostedNetworkForceStart) : api-ms-win-downlevel-shlwapi-l2-1-0.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF12E935C)
[Address] EAT @explorer.exe (WlanHostedNetworkForceStop) : api-ms-win-downlevel-shlwapi-l2-1-0.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF12E9418)
[Address] EAT @explorer.exe (WlanHostedNetworkInitSettings) : api-ms-win-downlevel-shlwapi-l2-1-0.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF12E99D8)
[Address] EAT @explorer.exe (WlanHostedNetworkQueryProperty) : api-ms-win-downlevel-shlwapi-l2-1-0.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF12E94D4)
[Address] EAT @explorer.exe (WlanHostedNetworkQuerySecondaryKey) : api-ms-win-downlevel-shlwapi-l2-1-0.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF12EA020)
[Address] EAT @explorer.exe (WlanHostedNetworkQueryStatus) : api-ms-win-downlevel-shlwapi-l2-1-0.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF12E9B50)
[Address] EAT @explorer.exe (WlanHostedNetworkRefreshSecuritySettings) : api-ms-win-downlevel-shlwapi-l2-1-0.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF12E9A94)
[Address] EAT @explorer.exe (WlanHostedNetworkSetProperty) : api-ms-win-downlevel-shlwapi-l2-1-0.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF12E9744)
[Address] EAT @explorer.exe (WlanHostedNetworkSetSecondaryKey) : api-ms-win-downlevel-shlwapi-l2-1-0.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF12E9D78)
[Address] EAT @explorer.exe (WlanHostedNetworkStartUsing) : api-ms-win-downlevel-shlwapi-l2-1-0.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF12E91EC)
[Address] EAT @explorer.exe (WlanHostedNetworkStopUsing) : api-ms-win-downlevel-shlwapi-l2-1-0.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF12E92A4)
[Address] EAT @explorer.exe (WlanIhvControl) : api-ms-win-downlevel-shlwapi-l2-1-0.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF12E4A00)
[Address] EAT @explorer.exe (WlanOpenHandle) : api-ms-win-downlevel-shlwapi-l2-1-0.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF12E1960)
[Address] EAT @explorer.exe (WlanQueryAutoConfigParameter) : api-ms-win-downlevel-shlwapi-l2-1-0.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF12E3EE8)
[Address] EAT @explorer.exe (WlanQueryInterface) : api-ms-win-downlevel-shlwapi-l2-1-0.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF12E4668)
[Address] EAT @explorer.exe (WlanReasonCodeToString) : api-ms-win-downlevel-shlwapi-l2-1-0.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF12E8A54)
[Address] EAT @explorer.exe (WlanRegisterNotification) : api-ms-win-downlevel-shlwapi-l2-1-0.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF12E5A08)
[Address] EAT @explorer.exe (WlanRegisterVirtualStationNotification) : api-ms-win-downlevel-shlwapi-l2-1-0.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF12EA358)
[Address] EAT @explorer.exe (WlanRenameProfile) : api-ms-win-downlevel-shlwapi-l2-1-0.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF12E6F4C)
[Address] EAT @explorer.exe (WlanSaveTemporaryProfile) : api-ms-win-downlevel-shlwapi-l2-1-0.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF12E87D0)
[Address] EAT @explorer.exe (WlanScan) : api-ms-win-downlevel-shlwapi-l2-1-0.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF12E4D40)
[Address] EAT @explorer.exe (WlanSetAutoConfigParameter) : api-ms-win-downlevel-shlwapi-l2-1-0.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF12E3D10)
[Address] EAT @explorer.exe (WlanSetFilterList) : api-ms-win-downlevel-shlwapi-l2-1-0.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF12E7DCC)
[Address] EAT @explorer.exe (WlanSetInterface) : api-ms-win-downlevel-shlwapi-l2-1-0.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF12E4470)
[Address] EAT @explorer.exe (WlanSetProfile) : api-ms-win-downlevel-shlwapi-l2-1-0.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF12E6760)
[Address] EAT @explorer.exe (WlanSetProfileCustomUserData) : api-ms-win-downlevel-shlwapi-l2-1-0.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF12E78A4)
[Address] EAT @explorer.exe (WlanSetProfileEapUserData) : api-ms-win-downlevel-shlwapi-l2-1-0.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF12E5CC4)
[Address] EAT @explorer.exe (WlanSetProfileEapXmlUserData) : api-ms-win-downlevel-shlwapi-l2-1-0.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF12E5F9C)
[Address] EAT @explorer.exe (WlanSetProfileList) : api-ms-win-downlevel-shlwapi-l2-1-0.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF12E71A8)
[Address] EAT @explorer.exe (WlanSetProfilePosition) : api-ms-win-downlevel-shlwapi-l2-1-0.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF12E7644)
[Address] EAT @explorer.exe (WlanSetPsdIEDataList) : api-ms-win-downlevel-shlwapi-l2-1-0.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF12E81B0)
[Address] EAT @explorer.exe (WlanSetSecuritySettings) : api-ms-win-downlevel-shlwapi-l2-1-0.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF12E8B58)

¤¤¤ External Hives: ¤¤¤

¤¤¤ Infection : PUP ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


127.0.0.1 localhost
[...]


¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) ST9160411ASG ATA Device +++++
--- User ---
[MBR] a1a98526c3872e927623260f8c05644b
[BSP] b5b3da35ee7326ab8d8392d29433ce52 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 140095 MB
1 - [XXXXXX] COMPAQ (0x12) [VISIBLE] Offset (sectors): 286916608 | Size: 12528 MB
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: (\\.\PHYSICALDRIVE1 @ USB) Maxtor OneTouch USB Device +++++
--- User ---
[MBR] f5253e7a572ccc8c522e5309b35a3ae8
[BSP] 4a2e1fa831253321029663a51f6c0a29 : Legit.C MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 476937 MB
User = LL1 ... OK!
Error reading LL2 MBR! ([0x32] The request is not supported. )

+++++ PhysicalDrive2: (\\.\PHYSICALDRIVE2 @ USB) Toshiba External USB HDD USB Device +++++
--- User ---
[MBR] 1742f885fb445f465bad51e45ee286e1
[BSP] 31ff53da4033a75177632aeadf19d1cc : MBR Code unknown
Partition table:
0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 610476 MB
User = LL1 ... OK!
Error reading LL2 MBR! ([0x32] The request is not supported. )

Finished : << RKreport[0]_S_04062014_141320.txt >>