Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- RogueKiller V8.8.15 _x64_ [Mar 27 2014] by Adlice Software
- mail : http://www.adlice.com/contact/
- Feedback : http://forum.adlice.com
- Website : http://www.adlice.com/softwares/roguekiller/
- Blog : http://www.adlice.com
- Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
- Started in : Normal mode
- User : Druback [Admin rights]
- Mode : Scan -- Date : 04/20/2014 12:24:20
- | ARK || FAK || MBR |
- ¤¤¤ Bad processes : 1 ¤¤¤
- [SUSP PATH][DLL] explorer.exe -- C:\Users\Druback\AppData\Local\Temp\TeamViewer\Version8\tv_x64.dll [x] -> UNLOADED
- ¤¤¤ Registry Entries : 3 ¤¤¤
- [HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> FOUND
- [HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
- [HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
- ¤¤¤ Scheduled tasks : 0 ¤¤¤
- ¤¤¤ Startup Entries : 0 ¤¤¤
- ¤¤¤ Web browsers : 0 ¤¤¤
- ¤¤¤ Browser Addons : 0 ¤¤¤
- ¤¤¤ Particular Files / Folders: ¤¤¤
- ¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤
- [Address] IAT @iexplore.exe (GetProcAddress) : KERNEL32.dll -> HOOKED (C:\Program Files\Internet Explorer\IEShims.dll @ 0xF0D93330)
- [Address] IAT @iexplore.exe (StrStrIW) : api-ms-win-downlevel-shlwapi-l1-1-0.dll -> HOOKED (C:\Windows\system32\SHLWAPI.dll @ 0xFDC1FB70)
- [Address] IAT @iexplore.exe (GetProcAddress) : KERNEL32.dll -> HOOKED (C:\Program Files (x86)\Internet Explorer\IEShims.dll @ 0x6DE613DD)
- [Address] IAT @iexplore.exe (StrStrIW) : api-ms-win-downlevel-shlwapi-l1-1-0.dll -> HOOKED (C:\Windows\syswow64\shlwapi.DLL @ 0x75E846E9)
- ¤¤¤ External Hives: ¤¤¤
- ¤¤¤ Infection : ¤¤¤
- ¤¤¤ HOSTS File: ¤¤¤
- --> %SystemRoot%\System32\drivers\etc\hosts
- ¤¤¤ MBR Check: ¤¤¤
- +++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) Hitachi HTS547564A9E384 +++++
- --- User ---
- [MBR] c77650dadbdd74338a079796ec001b93
- [BSP] 139f9342507d5f69d78b8d4d1cc64ad7 : Windows 7/8 MBR Code
- Partition table:
- 0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 199 MB
- 1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 409600 | Size: 595763 MB
- 2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 1220532224 | Size: 14413 MB
- 3 - [XXXXXX] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 1250050048 | Size: 103 MB
- User = LL1 ... OK!
- User != LL2 ... KO!
- --- LL2 ---
- [MBR] e9db50b585bb6053fe928f1845a2075a
- [BSP] 139f9342507d5f69d78b8d4d1cc64ad7 : Windows 7/8 MBR Code
- Partition table:
- 0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 409600 | Size: 77824 MB
- 1 - [XXXXXX] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 159793152 | Size: 400 MB
- Finished : << RKreport[0]_S_04202014_122420.txt >>
- RKreport[0]_S_04122014_173543.txt
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement