Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- RogueKiller V8.6.1 _x64_ [Jun 24 2013] by Tigzy
- mail : tigzyRK<at>gmail<dot>com
- Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/
- Website : http://tigzy.geekstogo.com/roguekiller.php
- Blog : http://tigzyrk.blogspot.com/
- Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
- Started in : Normal mode
- User : Quicksilver [Admin rights]
- Mode : Scan -- Date : 06/24/2013 19:16:24
- | ARK || FAK || MBR |
- ¤¤¤ Bad processes : 0 ¤¤¤
- ¤¤¤ Registry Entries : 9 ¤¤¤
- [HJ POL] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> FOUND
- [HJ POL] HKLM\[...]\System : EnableLUA (0) -> FOUND
- [HJ POL] HKLM\[...]\Wow6432Node\[...]\System : ConsentPromptBehaviorAdmin (0) -> FOUND
- [HJ POL] HKLM\[...]\Wow6432Node\[...]\System : EnableLUA (0) -> FOUND
- [HJ SMENU] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> FOUND
- [HJ SMENU] HKCU\[...]\Advanced : Start_ShowHelp (0) -> FOUND
- [HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
- [HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
- [EXT RUN][SUSP PATH] HKCU\Quicksilver_ON_E:\[...]\Run : Internet Security (C:\ProgramData\isecurity.exe [x]) -> FOUND
- ¤¤¤ Scheduled tasks : 0 ¤¤¤
- ¤¤¤ Startup Entries : 0 ¤¤¤
- ¤¤¤ Web browsers : 3 ¤¤¤
- [FF][PROXY] gcspxzfz.default : user_pref("network.proxy.hxxp", "91.214.228.129"); -> FOUND
- [FF][PROXY] gcspxzfz.default : user_pref("network.proxy.hxxp_port", 8080); -> FOUND
- [FF][PROXY] gcspxzfz.default : user_pref("network.proxy.type", 1); -> FOUND
- ¤¤¤ Particular Files / Folders: ¤¤¤
- ¤¤¤ Driver : [NOT LOADED] ¤¤¤
- ¤¤¤ External Hives: ¤¤¤
- -> D:\windows\system32\config\SYSTEM
- C:\WINDOWS\system32
- C:\Documents and Settings\Default User\Start Menu\Programs\Startup
- -> D:\windows\system32\config\SOFTWARE
- C:\WINDOWS\system32
- C:\Documents and Settings\Default User\Start Menu\Programs\Startup
- -> D:\windows\system32\config\SECURITY
- C:\WINDOWS\system32
- C:\Documents and Settings\Default User\Start Menu\Programs\Startup
- -> D:\windows\system32\config\SAM
- C:\WINDOWS\system32
- C:\Documents and Settings\Default User\Start Menu\Programs\Startup
- -> D:\windows\system32\config\DEFAULT
- C:\WINDOWS\system32
- C:\Documents and Settings\Default User\Start Menu\Programs\Startup
- -> D:\Documents and Settings\Default User\NTUSER.DAT
- C:\WINDOWS\system32
- C:\Documents and Settings\Default User\Start Menu\Programs\Startup
- -> D:\Documents and Settings\Greenwell\NTUSER.DAT
- C:\WINDOWS\system32
- C:\Documents and Settings\Greenwell\Start Menu\Programs\Startup
- -> D:\Documents and Settings\LocalService\NTUSER.DAT
- C:\WINDOWS\system32
- C:\Documents and Settings\LocalService\Start Menu\Programs\Startup
- -> D:\Documents and Settings\NetworkService\NTUSER.DAT
- C:\WINDOWS\system32
- C:\Documents and Settings\NetworkService\Start Menu\Programs\Startup
- -> E:\windows\system32\config\SYSTEM
- C:\Windows\system32
- C:\Users\Quicksilver\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
- -> E:\windows\system32\config\SOFTWARE
- C:\Windows\system32
- C:\Users\Quicksilver\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
- -> E:\windows\system32\config\SECURITY
- C:\Windows\system32
- C:\Users\Quicksilver\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
- -> E:\windows\system32\config\SAM
- C:\Windows\system32
- C:\Users\Quicksilver\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
- -> E:\windows\system32\config\DEFAULT
- C:\Windows\system32
- C:\Users\Quicksilver\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
- -> E:\Users\Default\NTUSER.DAT
- C:\Windows\system32
- -> E:\Users\Default User\NTUSER.DAT
- C:\Windows\system32
- -> E:\Users\Mcx1-QUICKSILVER-PC\NTUSER.DAT
- C:\Windows\system32
- -> E:\Users\Quicksilver\NTUSER.DAT
- C:\Windows\system32
- C:\Users\Quicksilver\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
- -> E:\Users\UpdatusUser\NTUSER.DAT
- C:\Windows\system32
- -> E:\Documents and Settings\Default\NTUSER.DAT
- C:\Windows\system32
- -> E:\Documents and Settings\Default User\NTUSER.DAT
- C:\Windows\system32
- -> E:\Documents and Settings\Quicksilver\NTUSER.DAT
- C:\Windows\system32
- ¤¤¤ Infection : ¤¤¤
- ¤¤¤ HOSTS File: ¤¤¤
- --> %SystemRoot%\System32\drivers\etc\hosts
- ¤¤¤ MBR Check: ¤¤¤
- +++++ PhysicalDrive0: ST380815AS ATA Device +++++
- --- User ---
- [MBR] 2d46964890ad7503a0f1eed8dd4df7cd
- [BSP] 9bb2bb6e4c97aa0f67cc3193552f1d7e : Windows XP MBR Code
- Partition table:
- 0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 76308 Mo
- User = LL1 ... OK!
- User = LL2 ... OK!
- +++++ PhysicalDrive1: ST380815AS ATA Device +++++
- --- User ---
- [MBR] 9755295f168b8816beecd167ddc422e6
- [BSP] 4d5945fc4d3cab867356966a6410c601 : Windows 7/8 MBR Code
- Partition table:
- 0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 953867 Mo
- User = LL1 ... OK!
- User = LL2 ... OK!
- +++++ PhysicalDrive2: ST380815AS ATA Device +++++
- --- User ---
- [MBR] 0b08cbfcf9b3cd585f8ba070296fc474
- [BSP] 947c2e6bd1f9dac91b1473b21baa6d35 : Windows 7/8 MBR Code
- Partition table:
- 0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
- 1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 476838 Mo
- User = LL1 ... OK!
- User = LL2 ... OK!
- Finished : << RKreport[0]_S_06242013_191624.txt >>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement