- RogueKiller V10.0.4.0 (x64) [Oct 29 2014] by Adlice Software
- mail : http://www.adlice.com/contact/
- Feedback : http://forum.adlice.com
- Website : http://www.adlice.com/softwares/roguekiller/
- Blog : http://www.adlice.com
- Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
- Started in : Normal mode
- User : Adrock [Administrator]
- Mode : Scan -- Date : 10/29/2014 17:47:52
- ¤¤¤ Processes : 0 ¤¤¤
- ¤¤¤ Registry : 36 ¤¤¤
- [Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\RK_Software_ON_C_466C\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run | {43434304-b932-dcd7-8b46-d7d2c0933d9b} : "C:\ProgramData\Microsoft\{43434304-b932-dcd7-8b46-d7d2c0933d9b}\{43434304-b932-dcd7-8b46-d7d2c0933d9b}.exe" -> Found
- [Suspicious.Path] (X86) HKEY_LOCAL_MACHINE\RK_Software_ON_C_466C\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run | {43434304-b932-dcd7-8b46-d7d2c0933d9b} : "C:\ProgramData\Microsoft\{43434304-b932-dcd7-8b46-d7d2c0933d9b}\{43434304-b932-dcd7-8b46-d7d2c0933d9b}.exe" -> Found
- [PUP] (X64) HKEY_LOCAL_MACHINE\RK_System_ON_C_197E\ControlSet001\Services\CltMngSvc -> Found
- [PUP] (X64) HKEY_LOCAL_MACHINE\RK_System_ON_C_197E\ControlSet002\Services\CltMngSvc -> Found
- [PUM.HomePage] (X64) HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome -> Found
- [PUM.HomePage] (X86) HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome -> Found
- [PUM.HomePage] (X64) HKEY_USERS\RK_Adam_ON_C_C743\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.trovi.com/?gd=&ctid=CT3326235&octid=EB_ORIGINAL_CTID&ISID=M99A4003A-2905-470C-B183-3EA4EEBBF8FC&SearchSource=55&CUI=&UM=5&UP=SP49DA3FCF-5944-4DA3-9785-805A910CBF6E&SSPV= -> Found
- [PUM.HomePage] (X86) HKEY_USERS\RK_Adam_ON_C_C743\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.trovi.com/?gd=&ctid=CT3326235&octid=EB_ORIGINAL_CTID&ISID=M99A4003A-2905-470C-B183-3EA4EEBBF8FC&SearchSource=55&CUI=&UM=5&UP=SP49DA3FCF-5944-4DA3-9785-805A910CBF6E&SSPV= -> Found
- [PUM.HomePage] (X64) HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome -> Found
- [PUM.HomePage] (X86) HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome -> Found
- [PUM.SearchPage] (X64) HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main | Search Page : http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> Found
- [PUM.SearchPage] (X86) HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main | Search Page : http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> Found
- [PUM.SearchPage] (X64) HKEY_USERS\S-1-5-21-2622789366-4104432293-3959885506-1000\Software\Microsoft\Internet Explorer\Main | Search Page : http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> Found
- [PUM.SearchPage] (X86) HKEY_USERS\S-1-5-21-2622789366-4104432293-3959885506-1000\Software\Microsoft\Internet Explorer\Main | Search Page : http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> Found
- [PUM.SearchPage] (X64) HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main | Search Page : http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> Found
- [PUM.SearchPage] (X86) HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main | Search Page : http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> Found
- [PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters | DhcpNameServer : 209.18.47.61 209.18.47.62 [UNITED STATES (US)] -> Found
- [PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters | DhcpNameServer : 209.18.47.61 209.18.47.62 [UNITED STATES (US)] -> Found
- [PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters | DhcpNameServer : 209.18.47.61 209.18.47.62 [UNITED STATES (US)] -> Found
- [PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{4FADB798-4048-4794-80B3-060282232966} | DhcpNameServer : 209.18.47.61 209.18.47.62 [UNITED STATES (US)] -> Found
- [PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{4FADB798-4048-4794-80B3-060282232966} | DhcpNameServer : 209.18.47.61 209.18.47.62 [UNITED STATES (US)] -> Found
- [PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{4FADB798-4048-4794-80B3-060282232966} | DhcpNameServer : 209.18.47.61 209.18.47.62 [UNITED STATES (US)] -> Found
- [PUM.DesktopIcons] (X64) HKEY_USERS\S-1-5-21-2622789366-4104432293-3959885506-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Found
- [PUM.DesktopIcons] (X64) HKEY_USERS\S-1-5-21-2622789366-4104432293-3959885506-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {59031A47-3F72-44A7-89C5-5595FE6B30EE} : 1 -> Found
- [PUM.DesktopIcons] (X86) HKEY_USERS\S-1-5-21-2622789366-4104432293-3959885506-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Found
- [PUM.DesktopIcons] (X86) HKEY_USERS\S-1-5-21-2622789366-4104432293-3959885506-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {59031A47-3F72-44A7-89C5-5595FE6B30EE} : 1 -> Found
- [PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\RK_Software_ON_C_466C\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Found
- [PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\RK_Software_ON_C_466C\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> Found
- [PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\RK_Software_ON_C_466C\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Found
- [PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\RK_Software_ON_C_466C\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> Found
- [PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Found
- [PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> Found
- [PUM.DesktopIcons] (X64) HKEY_USERS\S-1-5-21-2622789366-4104432293-3959885506-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Found
- [PUM.DesktopIcons] (X64) HKEY_USERS\S-1-5-21-2622789366-4104432293-3959885506-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031A47-3F72-44A7-89C5-5595FE6B30EE} : 1 -> Found
- [PUM.DesktopIcons] (X86) HKEY_USERS\S-1-5-21-2622789366-4104432293-3959885506-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Found
- [PUM.DesktopIcons] (X86) HKEY_USERS\S-1-5-21-2622789366-4104432293-3959885506-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031A47-3F72-44A7-89C5-5595FE6B30EE} : 1 -> Found
- ¤¤¤ Tasks : 0 ¤¤¤
- ¤¤¤ Files : 1 ¤¤¤
- [Hj.Name][File] Monitor Ink Alerts - HP Deskjet 3510 series.lnk -- C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Deskjet 3510 series.lnk [LNK@] E:\Windows\System32\RunDll32.exe "C:\Program Files\HP\HP Deskjet 3510 series\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=CN35R1NNR505Y7;CONNECTION=USB;MONITOR=1; -> Found
- ¤¤¤ Hosts File : 1 ¤¤¤
- [E:\Windows\System32\drivers\etc\hosts] 127.0.0.1 localhost
- ¤¤¤ Antirootkit : 1 (Driver: Loaded) ¤¤¤
- [Filter(Kernel.Filter)] \Driver\atapi @ \Device\CdRom0 : \Driver\GEARAspiWDM @ Unknown (\SystemRoot\system32\DRIVERS\1394ohci.sys)
- ¤¤¤ Web browsers : 0 ¤¤¤
- ¤¤¤ MBR Check : ¤¤¤
- +++++ PhysicalDrive0: ST31000528AS ATA Device +++++
- --- User ---
- [MBR] 2818df2e40ed55671db5836bb4d11e0d
- [BSP] 4b40a654f2eed2a0d58b436bdcfdf384 : Windows Vista/7/8 MBR Code
- Partition table:
- 0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB
- 1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 953767 MB
- User = LL1 ... OK
- User = LL2 ... OK
- +++++ PhysicalDrive1: Samsung SSD 840 EVO 250GB ATA Device +++++
- --- User ---
- [MBR] a2d3c2b420296ce71d277f154e53f6d7
- [BSP] 655542efa96fe804c29ec51e01a5462d : Windows Vista/7/8 MBR Code
- Partition table:
- 0 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 238473 MB
- User = LL1 ... OK
- User = LL2 ... OK