- RogueKiller V12.10.2.0 (x64) [Mar 27 2017] (Free) by Adlice Software
- mail : http://www.adlice.com/contact/
- Feedback : https://forum.adlice.com
- Website : http://www.adlice.com/download/roguekiller/
- Blog : http://www.adlice.com
- Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
- Started in : Normal mode
- User : Peter [Administrator]
- Started from : C:\Program Files\RogueKiller\RogueKiller64.exe
- Mode : Scan -- Date : 04/02/2017 22:11:23 (Duration : 00:33:04)
- ¤¤¤ Processes : 1 ¤¤¤
- [Suspicious.Path] (SVC) NVR0FLASHDev -- \??\C:\Windows\nvflsh64.sys[7] -> Found
- ¤¤¤ Registry : 10 ¤¤¤
- [PUP.Gen1] (X64) HKEY_USERS\S-1-5-21-2931357362-503610778-2570266799-1000\Software\IM -> Found
- [PUP.Gen1] (X86) HKEY_USERS\S-1-5-21-2931357362-503610778-2570266799-1000\Software\IM -> Found
- [PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{7614A345-B888-4A20-961C-BD8077503B6E} | DhcpNameServer : 172.20.10.1 ([]) -> Found
- [PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{9401911D-1F00-4571-9185-D01EDBE7A7BF} | DhcpNameServer : 172.20.10.1 ([]) -> Found
- [PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{7614A345-B888-4A20-961C-BD8077503B6E} | DhcpNameServer : 172.20.10.1 ([]) -> Found
- [PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{9401911D-1F00-4571-9185-D01EDBE7A7BF} | DhcpNameServer : 172.20.10.1 ([]) -> Found
- [PUP.Gen1] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | TCP Query User{DE191DCA-79E3-4E60-8F76-0D26B1D59E7D}C:\program files (x86)\cain\cain.exe : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|Profile=Public|App=C:\program files (x86)\cain\cain.exe|Name=Cain - Password Recovery Utility|Desc=Cain - Password Recovery Utility|Defer=User| [x] -> Found
- [PUP.Gen1] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | UDP Query User{A64F4611-5132-4AFE-AE7E-AF2AA0799152}C:\program files (x86)\cain\cain.exe : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|Profile=Public|App=C:\program files (x86)\cain\cain.exe|Name=Cain - Password Recovery Utility|Desc=Cain - Password Recovery Utility|Defer=User| [x] -> Found
- [PUP.Gen1] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | TCP Query User{DE191DCA-79E3-4E60-8F76-0D26B1D59E7D}C:\program files (x86)\cain\cain.exe : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|Profile=Public|App=C:\program files (x86)\cain\cain.exe|Name=Cain - Password Recovery Utility|Desc=Cain - Password Recovery Utility|Defer=User| [x] -> Found
- [PUP.Gen1] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | UDP Query User{A64F4611-5132-4AFE-AE7E-AF2AA0799152}C:\program files (x86)\cain\cain.exe : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|Profile=Public|App=C:\program files (x86)\cain\cain.exe|Name=Cain - Password Recovery Utility|Desc=Cain - Password Recovery Utility|Defer=User| [x] -> Found
- ¤¤¤ Tasks : 0 ¤¤¤
- ¤¤¤ Files : 4 ¤¤¤
- [PUP.Gen1][Folder] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cain -> Found
- [Hj.Shortcut][File] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenSSL\Official OpenSSL Documentation.lnk [LNK@] C:\PROGRA~2\INTERN~1\iexplore.exe http://www.openssl.org/docs/ -> Found
- [Hj.Shortcut][File] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenSSL\Official OpenSSL Website.lnk [LNK@] C:\PROGRA~2\INTERN~1\iexplore.exe http://www.openssl.org/ -> Found
- [Hj.Shortcut][File] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenSSL\Win32 OpenSSL Website.lnk [LNK@] C:\PROGRA~2\INTERN~1\iexplore.exe http://www.slproweb.com/products/Win32OpenSSL.html -> Found
- ¤¤¤ WMI : 0 ¤¤¤
- ¤¤¤ Hosts File : 0 ¤¤¤
- ¤¤¤ Antirootkit : 0 (Driver: Loaded) ¤¤¤
- ¤¤¤ Web browsers : 1 ¤¤¤
- [PUP.Gen0][Chrome:Addon] Default : Hover Zoom [nonjdcjchghhkdoolnlbekcfllmednbl] -> Found
- ¤¤¤ MBR Check : ¤¤¤
- +++++ PhysicalDrive0: ST2000DM001-1E6164 +++++
- --- User ---
- [MBR] 49a8369a6370e05b19858102c21d1b15
- [BSP] 1b3f884da3198fb7dd80f6ab9ff8e2ba : Empty|VT.Unknown MBR Code
- Partition table:
- 0 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 1907727 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
- User = LL1 ... OK
- User = LL2 ... OK
- +++++ PhysicalDrive1: WORK +++++
- --- User ---
- [MBR] 4270c703298c24b0d0ffd08ec4cf3b56
- [BSP] e800c6ae3541534eae58998f8de57249 : Windows Vista/7/8|VT.Unknown MBR Code
- Partition table:
- 0 - Microsoft reserved partition | Offset (sectors): 34 | Size: 128 MB
- 1 - Basic data partition | Offset (sectors): 262656 | Size: 953726 MB
- User = LL1 ... OK
- Error reading LL2 MBR! ([57] The parameter is incorrect. )
- +++++ PhysicalDrive2: WDC WD4004FZWX-00GBGB0 ATA Device +++++
- --- User ---
- [MBR] 0086f36f0b7bc8b257f89fc226376c3d
- [BSP] 9e3b3c473b1db0daa516427cdae6e1cc : Windows Vista/7/8 MBR Code
- Partition table:
- 0 - Microsoft reserved partition | Offset (sectors): 34 | Size: 128 MB
- 1 - Basic data partition | Offset (sectors): 264192 | Size: 3815318 MB
- User = LL1 ... OK
- User = LL2 ... OK
- +++++ PhysicalDrive3: SanDisk SDSSDHII240G ATA Device +++++
- --- User ---
- [MBR] 4ac989bcdadd19886cd4f798205592b9
- [BSP] b3b6cd81f4fb69049766c8f4469d1f5f : Windows Vista/7/8|VT.Unknown MBR Code
- Partition table:
- 0 - [MAN-MOUNT] Microsoft reserved partition | Offset (sectors): 206848 | Size: 128 MB
- 1 - | Offset (sectors): 2048 | Size: 100 MB
- 2 - | Offset (sectors): 468992 | Size: 228707 MB
- User = LL1 ... OK
- User = LL2 ... OK
- +++++ PhysicalDrive4: Seagate Expansion Desk USB Device +++++
- Error reading User MBR! ([57] The parameter is incorrect. )
- Error reading LL1 MBR! ([79] The semaphore timeout period has expired. )
- Error reading LL2 MBR! ([32] The request is not supported. )