Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- RogueKiller V12.12.12.0 (x64) [Apr 9 2018] (Free) by Adlice Software
- mail : http://www.adlice.com/contact/
- Feedback : https://forum.adlice.com
- Website : http://www.adlice.com/download/roguekiller/
- Blog : http://www.adlice.com
- Operating System : Windows 10 (10.0.16299) 64 bits version
- Started in : Normal mode
- User : GrizzlyBear [Administrator]
- Started from : C:\Program Files\RogueKiller\RogueKiller64.exe
- Mode : Delete -- Date : 04/09/2018 19:11:55 (Duration : 00:30:56)
- ¤¤¤ Processes : 2 ¤¤¤
- [PUP.HackTool|VT.Detected] KMS-R@1n.exe(2528) -- C:\Windows\KMS-R@1n.exe[-] -> Killed [TermProc]
- [PUP.HackTool|VT.Detected] (SVC) KMS-R@1n -- C:\Windows\KMS-R@1n.exe[-] -> ERROR [6d]
- ¤¤¤ Registry : 8 ¤¤¤
- [PUP.HackTool|VT.Detected] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\KMS-R@1n (C:\Windows\KMS-R@1n.exe) -> Deleted
- [PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{e210ca46-04b2-4afa-99a9-846376f4d637} | DhcpNameServer : 10.14.0.1 ([]) -> Replaced ()
- [PUP.HackTool|VT.Detected] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {48813667-18BD-48CE-B881-9F1DB067CE44} : v2.27|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=1688|App=C:\Windows\KMS-R@1n.exe|Name=KMS-R@1n| [-] -> Deleted
- [PUP.HackTool|VT.Detected] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {0DFC64D8-C2EE-40AD-B554-76C73BBED389} : v2.27|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|LPort=1688|App=C:\Windows\KMS-R@1n.exe|Name=KMS-R@1n| [-] -> Deleted
- [PUP.HackTool|VT.Detected] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\OSppSvc.exe | Debugger : KMS-R@1nHook.exe [-] -> Deleted
- [PUP.HackTool|VT.Detected] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SppExtComObj.exe | Debugger : KMS-R@1nHook.exe [-] -> Deleted
- [PUP.HackTool|VT.Detected] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\OSppSvc.exe | Debugger : KMS-R@1nHook.exe [-] -> ERROR [2]
- [PUP.HackTool|VT.Detected] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SppExtComObj.exe | Debugger : KMS-R@1nHook.exe [-] -> ERROR [2]
- ¤¤¤ Tasks : 0 ¤¤¤
- ¤¤¤ Files : 3 ¤¤¤
- [PUP.HackTool][File] C:\Windows\KMS-R@1n.exe -> Deleted
- [PUP.HackTool][File] C:\Windows\KMS-R@1nHook.exe -> Removed at reboot [5]
- [PUP.uTorrentAds][File] C:\Users\GrizzlyBear\AppData\Roaming\uTorrent\updates\3.5.1_44332\utorrentie.exe -> Deleted
- ¤¤¤ WMI : 0 ¤¤¤
- ¤¤¤ Hosts File : 0 ¤¤¤
- ¤¤¤ Antirootkit : 0 (Driver: Loaded) ¤¤¤
- ¤¤¤ Web browsers : 0 ¤¤¤
- ¤¤¤ MBR Check : ¤¤¤
- +++++ PhysicalDrive0: TOSHIBA DT01ACA100 +++++
- --- User ---
- [MBR] f663f8592e20f0b47b5c4c2044846776
- [BSP] 05206d34d81c0ce2d57fccd2bc4a3789 : Windows Vista/7/8|VT.Unknown MBR Code
- Partition table:
- 0 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
- 1 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 953767 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
- User = LL1 ... OK
- User = LL2 ... OK
Add Comment
Please, Sign In to add comment
