RogueKiller-dudljo

a guest
Oct 14th, 2013
RogueKiller V8.7.2 _x64_ [Oct 3 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.adlice.com/forum/
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://tigzyrk.blogspot.com/

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : jdudley [Admin rights]
Mode : Scan -- Date : 10/14/2013 12:35:28
| ARK || FAK || MBR |

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 34 ¤¤¤
[HJ TASKMAN] HKLM\[...]\Wow6432Node\[...]\Winlogon : TaskMan () -> FOUND
[PROXY IE][PUM] HKCU\[...]\Internet Settings : ProxyServer (192.168.29.200:80) -> FOUND
[DNS][PUM] HKLM\[...]\CCSet\[...]\{066DB5DA-8AC1-4487-870D-9DAA15033CA9} : NameServer (82.132.254.2 82.132.254.3) -> FOUND
[DNS][PUM] HKLM\[...]\CCSet\[...]\{6D3DFB6A-4EFF-4B63-BB9D-F8DD1A38971D} : NameServer (10.50.30.67) -> FOUND
[DNS][PUM] HKLM\[...]\CCSet\[...]\{A5D43338-7E3D-4211-B877-116F2113B7DE} : NameServer (10.50.30.67) -> FOUND
[DNS][PUM] HKLM\[...]\CCSet\[...]\{BE289F84-BC28-4411-831E-2139F3E68D2C} : NameServer (10.50.30.67) -> FOUND
[DNS][PUM] HKLM\[...]\CS001\[...]\{066DB5DA-8AC1-4487-870D-9DAA15033CA9} : NameServer (82.132.254.2 82.132.254.3) -> FOUND
[DNS][PUM] HKLM\[...]\CS001\[...]\{6D3DFB6A-4EFF-4B63-BB9D-F8DD1A38971D} : NameServer (10.50.30.67) -> FOUND
[DNS][PUM] HKLM\[...]\CS001\[...]\{A5D43338-7E3D-4211-B877-116F2113B7DE} : NameServer (10.50.30.67) -> FOUND
[DNS][PUM] HKLM\[...]\CS001\[...]\{BE289F84-BC28-4411-831E-2139F3E68D2C} : NameServer (10.50.30.67) -> FOUND
[DNS][PUM] HKLM\[...]\CS002\[...]\{066DB5DA-8AC1-4487-870D-9DAA15033CA9} : NameServer (82.132.254.2 82.132.254.3) -> FOUND
[DNS][PUM] HKLM\[...]\CS002\[...]\{6D3DFB6A-4EFF-4B63-BB9D-F8DD1A38971D} : NameServer (10.50.30.67) -> FOUND
[DNS][PUM] HKLM\[...]\CS002\[...]\{A5D43338-7E3D-4211-B877-116F2113B7DE} : NameServer (10.50.30.67) -> FOUND
[DNS][PUM] HKLM\[...]\CS002\[...]\{BE289F84-BC28-4411-831E-2139F3E68D2C} : NameServer (10.50.30.67) -> FOUND
[HJ POL][PUM] HKLM\[...]\System : DisableTaskMgr (0) -> FOUND
[HJ POL][PUM] HKLM\[...]\System : DisableRegistryTools (0) -> FOUND
[HJ POL][PUM] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> FOUND
[HJ POL][PUM] HKLM\[...]\System : EnableLUA (0) -> FOUND
[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : DisableTaskMgr (0) -> FOUND
[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : DisableRegistryTools (0) -> FOUND
[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : ConsentPromptBehaviorAdmin (0) -> FOUND
[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : EnableLUA (0) -> FOUND
[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> FOUND
[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_TrackProgs (0) -> FOUND
[HJ DESK][PUM] HKCU\[...]\ClassicStartMenu : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK][PUM] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
[HJ DESK][PUM] HKCU\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK][PUM] HKCU\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
[HJ INPROC][ZeroAccess] HKCR\[...]\InprocServer32 : (C:\Users\jdudley\AppData\Local\{cf77ec27-39e7-8307-93c7-4ae7e2e77130}\n. [x]) -> FOUND
[HJ DLL][SUSP PATH] HKLM\[...]\CCSet\[...]\Parameters : ServiceDll (C:\PROGRA~3\j60lcbj4.pzz [x]) -> FOUND
[HJ DLL][SUSP PATH] HKLM\[...]\CS001\[...]\Parameters : ServiceDll (C:\PROGRA~3\j60lcbj4.pzz [x]) -> FOUND
[HJ DLL][SUSP PATH] HKLM\[...]\CS002\[...]\Parameters : ServiceDll (C:\PROGRA~3\j60lcbj4.pzz [x]) -> FOUND

¤¤¤ Scheduled tasks : 0 ¤¤¤

¤¤¤ Startup Entries : 0 ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤

¤¤¤ External Hives: ¤¤¤

¤¤¤ Infection : ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


65.170.40.142 notes.abinitio.com notes
65.170.40.143 estes.abinitio.com estes
192.168.117.129 abdemo


¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: ( @ ) - +++++
--- User ---
[MBR] 6b7df0dab00bfa34472e2b26835888df
[BSP] edef1bf55c0edd542455e2050c9692c8 : Lenovo MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 1853 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 3795120 | Size: 475084 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[0]_S_10142013_123528.txt >>