Untitled

a guest
Oct 29th, 2014
  1. RogueKiller V10.0.4.0 (x64) [Oct 29 2014] by Adlice Software
  2. mail : http://www.adlice.com/contact/
  3. Feedback : http://forum.adlice.com
  4. Website : http://www.adlice.com/softwares/roguekiller/
  5. Blog : http://www.adlice.com
  6.  
  7. Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
  8. Started in : Normal mode
  9. User : Adrock [Administrator]
  10. Mode : Scan -- Date : 10/29/2014 17:47:52
  11.  
  12. ¤¤¤ Processes : 0 ¤¤¤
  13.  
  14. ¤¤¤ Registry : 36 ¤¤¤
  15. [Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\RK_Software_ON_C_466C\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run | {43434304-b932-dcd7-8b46-d7d2c0933d9b} : "C:\ProgramData\Microsoft\{43434304-b932-dcd7-8b46-d7d2c0933d9b}\{43434304-b932-dcd7-8b46-d7d2c0933d9b}.exe" -> Found
  16. [Suspicious.Path] (X86) HKEY_LOCAL_MACHINE\RK_Software_ON_C_466C\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run | {43434304-b932-dcd7-8b46-d7d2c0933d9b} : "C:\ProgramData\Microsoft\{43434304-b932-dcd7-8b46-d7d2c0933d9b}\{43434304-b932-dcd7-8b46-d7d2c0933d9b}.exe" -> Found
  17. [PUP] (X64) HKEY_LOCAL_MACHINE\RK_System_ON_C_197E\ControlSet001\Services\CltMngSvc -> Found
  18. [PUP] (X64) HKEY_LOCAL_MACHINE\RK_System_ON_C_197E\ControlSet002\Services\CltMngSvc -> Found
  19. [PUM.HomePage] (X64) HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome -> Found
  20. [PUM.HomePage] (X86) HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome -> Found
  21. [PUM.HomePage] (X64) HKEY_USERS\RK_Adam_ON_C_C743\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.trovi.com/?gd=&ctid=CT3326235&octid=EB_ORIGINAL_CTID&ISID=M99A4003A-2905-470C-B183-3EA4EEBBF8FC&SearchSource=55&CUI=&UM=5&UP=SP49DA3FCF-5944-4DA3-9785-805A910CBF6E&SSPV= -> Found
  22. [PUM.HomePage] (X86) HKEY_USERS\RK_Adam_ON_C_C743\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.trovi.com/?gd=&ctid=CT3326235&octid=EB_ORIGINAL_CTID&ISID=M99A4003A-2905-470C-B183-3EA4EEBBF8FC&SearchSource=55&CUI=&UM=5&UP=SP49DA3FCF-5944-4DA3-9785-805A910CBF6E&SSPV= -> Found
  23. [PUM.HomePage] (X64) HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome -> Found
  24. [PUM.HomePage] (X86) HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome -> Found
  25. [PUM.SearchPage] (X64) HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main | Search Page : http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> Found
  26. [PUM.SearchPage] (X86) HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main | Search Page : http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> Found
  27. [PUM.SearchPage] (X64) HKEY_USERS\S-1-5-21-2622789366-4104432293-3959885506-1000\Software\Microsoft\Internet Explorer\Main | Search Page : http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> Found
  28. [PUM.SearchPage] (X86) HKEY_USERS\S-1-5-21-2622789366-4104432293-3959885506-1000\Software\Microsoft\Internet Explorer\Main | Search Page : http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> Found
  29. [PUM.SearchPage] (X64) HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main | Search Page : http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> Found
  30. [PUM.SearchPage] (X86) HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main | Search Page : http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> Found
  31. [PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters | DhcpNameServer : 209.18.47.61 209.18.47.62 [UNITED STATES (US)] -> Found
  32. [PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters | DhcpNameServer : 209.18.47.61 209.18.47.62 [UNITED STATES (US)] -> Found
  33. [PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters | DhcpNameServer : 209.18.47.61 209.18.47.62 [UNITED STATES (US)] -> Found
  34. [PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{4FADB798-4048-4794-80B3-060282232966} | DhcpNameServer : 209.18.47.61 209.18.47.62 [UNITED STATES (US)] -> Found
  35. [PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{4FADB798-4048-4794-80B3-060282232966} | DhcpNameServer : 209.18.47.61 209.18.47.62 [UNITED STATES (US)] -> Found
  36. [PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{4FADB798-4048-4794-80B3-060282232966} | DhcpNameServer : 209.18.47.61 209.18.47.62 [UNITED STATES (US)] -> Found
  37. [PUM.DesktopIcons] (X64) HKEY_USERS\S-1-5-21-2622789366-4104432293-3959885506-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Found
  38. [PUM.DesktopIcons] (X64) HKEY_USERS\S-1-5-21-2622789366-4104432293-3959885506-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {59031A47-3F72-44A7-89C5-5595FE6B30EE} : 1 -> Found
  39. [PUM.DesktopIcons] (X86) HKEY_USERS\S-1-5-21-2622789366-4104432293-3959885506-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Found
  40. [PUM.DesktopIcons] (X86) HKEY_USERS\S-1-5-21-2622789366-4104432293-3959885506-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {59031A47-3F72-44A7-89C5-5595FE6B30EE} : 1 -> Found
  41. [PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\RK_Software_ON_C_466C\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Found
  42. [PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\RK_Software_ON_C_466C\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> Found
  43. [PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\RK_Software_ON_C_466C\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Found
  44. [PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\RK_Software_ON_C_466C\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> Found
  45. [PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Found
  46. [PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> Found
  47. [PUM.DesktopIcons] (X64) HKEY_USERS\S-1-5-21-2622789366-4104432293-3959885506-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Found
  48. [PUM.DesktopIcons] (X64) HKEY_USERS\S-1-5-21-2622789366-4104432293-3959885506-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031A47-3F72-44A7-89C5-5595FE6B30EE} : 1 -> Found
  49. [PUM.DesktopIcons] (X86) HKEY_USERS\S-1-5-21-2622789366-4104432293-3959885506-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Found
  50. [PUM.DesktopIcons] (X86) HKEY_USERS\S-1-5-21-2622789366-4104432293-3959885506-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031A47-3F72-44A7-89C5-5595FE6B30EE} : 1 -> Found
  51.  
  52. ¤¤¤ Tasks : 0 ¤¤¤
  53.  
  54. ¤¤¤ Files : 1 ¤¤¤
  55. [Hj.Name][File] Monitor Ink Alerts - HP Deskjet 3510 series.lnk -- C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Deskjet 3510 series.lnk [LNK@] E:\Windows\System32\RunDll32.exe "C:\Program Files\HP\HP Deskjet 3510 series\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=CN35R1NNR505Y7;CONNECTION=USB;MONITOR=1; -> Found
  56.  
  57. ¤¤¤ Hosts File : 1 ¤¤¤
  58. [E:\Windows\System32\drivers\etc\hosts] 127.0.0.1 localhost
  59.  
  60. ¤¤¤ Antirootkit : 1 (Driver: Loaded) ¤¤¤
  61. [Filter(Kernel.Filter)] \Driver\atapi @ \Device\CdRom0 : \Driver\GEARAspiWDM @ Unknown (\SystemRoot\system32\DRIVERS\1394ohci.sys)
  62.  
  63. ¤¤¤ Web browsers : 0 ¤¤¤
  64.  
  65. ¤¤¤ MBR Check : ¤¤¤
  66. +++++ PhysicalDrive0: ST31000528AS ATA Device +++++
  67. --- User ---
  68. [MBR] 2818df2e40ed55671db5836bb4d11e0d
  69. [BSP] 4b40a654f2eed2a0d58b436bdcfdf384 : Windows Vista/7/8 MBR Code
  70. Partition table:
  71. 0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB
  72. 1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 953767 MB
  73. User = LL1 ... OK
  74. User = LL2 ... OK
  75.  
  76. +++++ PhysicalDrive1: Samsung SSD 840 EVO 250GB ATA Device +++++
  77. --- User ---
  78. [MBR] a2d3c2b420296ce71d277f154e53f6d7
  79. [BSP] 655542efa96fe804c29ec51e01a5462d : Windows Vista/7/8 MBR Code
  80. Partition table:
  81. 0 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 238473 MB
  82. User = LL1 ... OK
  83. User = LL2 ... OK