Untitled

a guest
Apr 2nd, 2017
RogueKiller V12.10.2.0 (x64) [Mar 27 2017] (Free) by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : https://forum.adlice.com
Website : http://www.adlice.com/download/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Peter [Administrator]
Started from : C:\Program Files\RogueKiller\RogueKiller64.exe
Mode : Scan -- Date : 04/02/2017 22:11:23 (Duration : 00:33:04)

¤¤¤ Processes : 1 ¤¤¤
[Suspicious.Path] (SVC) NVR0FLASHDev -- \??\C:\Windows\nvflsh64.sys[7] -> Found

¤¤¤ Registry : 10 ¤¤¤
[PUP.Gen1] (X64) HKEY_USERS\S-1-5-21-2931357362-503610778-2570266799-1000\Software\IM -> Found
[PUP.Gen1] (X86) HKEY_USERS\S-1-5-21-2931357362-503610778-2570266799-1000\Software\IM -> Found
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{7614A345-B888-4A20-961C-BD8077503B6E} | DhcpNameServer : 172.20.10.1 ([]) -> Found
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{9401911D-1F00-4571-9185-D01EDBE7A7BF} | DhcpNameServer : 172.20.10.1 ([]) -> Found
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{7614A345-B888-4A20-961C-BD8077503B6E} | DhcpNameServer : 172.20.10.1 ([]) -> Found
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{9401911D-1F00-4571-9185-D01EDBE7A7BF} | DhcpNameServer : 172.20.10.1 ([]) -> Found
[PUP.Gen1] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | TCP Query User{DE191DCA-79E3-4E60-8F76-0D26B1D59E7D}C:\program files (x86)\cain\cain.exe : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|Profile=Public|App=C:\program files (x86)\cain\cain.exe|Name=Cain - Password Recovery Utility|Desc=Cain - Password Recovery Utility|Defer=User| [x] -> Found
[PUP.Gen1] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | UDP Query User{A64F4611-5132-4AFE-AE7E-AF2AA0799152}C:\program files (x86)\cain\cain.exe : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|Profile=Public|App=C:\program files (x86)\cain\cain.exe|Name=Cain - Password Recovery Utility|Desc=Cain - Password Recovery Utility|Defer=User| [x] -> Found
[PUP.Gen1] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | TCP Query User{DE191DCA-79E3-4E60-8F76-0D26B1D59E7D}C:\program files (x86)\cain\cain.exe : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|Profile=Public|App=C:\program files (x86)\cain\cain.exe|Name=Cain - Password Recovery Utility|Desc=Cain - Password Recovery Utility|Defer=User| [x] -> Found
[PUP.Gen1] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | UDP Query User{A64F4611-5132-4AFE-AE7E-AF2AA0799152}C:\program files (x86)\cain\cain.exe : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|Profile=Public|App=C:\program files (x86)\cain\cain.exe|Name=Cain - Password Recovery Utility|Desc=Cain - Password Recovery Utility|Defer=User| [x] -> Found

¤¤¤ Tasks : 0 ¤¤¤

¤¤¤ Files : 4 ¤¤¤
[PUP.Gen1][Folder] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cain -> Found
[Hj.Shortcut][File] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenSSL\Official OpenSSL Documentation.lnk [LNK@] C:\PROGRA~2\INTERN~1\iexplore.exe http://www.openssl.org/docs/ -> Found
[Hj.Shortcut][File] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenSSL\Official OpenSSL Website.lnk [LNK@] C:\PROGRA~2\INTERN~1\iexplore.exe http://www.openssl.org/ -> Found
[Hj.Shortcut][File] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenSSL\Win32 OpenSSL Website.lnk [LNK@] C:\PROGRA~2\INTERN~1\iexplore.exe http://www.slproweb.com/products/Win32OpenSSL.html -> Found

¤¤¤ WMI : 0 ¤¤¤

¤¤¤ Hosts File : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Loaded) ¤¤¤

¤¤¤ Web browsers : 1 ¤¤¤
[PUP.Gen0][Chrome:Addon] Default : Hover Zoom [nonjdcjchghhkdoolnlbekcfllmednbl] -> Found

¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: ST2000DM001-1E6164 +++++
--- User ---
[MBR] 49a8369a6370e05b19858102c21d1b15
[BSP] 1b3f884da3198fb7dd80f6ab9ff8e2ba : Empty|VT.Unknown MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 1907727 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive1: WORK +++++
--- User ---
[MBR] 4270c703298c24b0d0ffd08ec4cf3b56
[BSP] e800c6ae3541534eae58998f8de57249 : Windows Vista/7/8|VT.Unknown MBR Code
Partition table:
0 - Microsoft reserved partition | Offset (sectors): 34 | Size: 128 MB
1 - Basic data partition | Offset (sectors): 262656 | Size: 953726 MB
User = LL1 ... OK
Error reading LL2 MBR! ([57] The parameter is incorrect. )

+++++ PhysicalDrive2: WDC WD4004FZWX-00GBGB0 ATA Device +++++
--- User ---
[MBR] 0086f36f0b7bc8b257f89fc226376c3d
[BSP] 9e3b3c473b1db0daa516427cdae6e1cc : Windows Vista/7/8 MBR Code
Partition table:
0 - Microsoft reserved partition | Offset (sectors): 34 | Size: 128 MB
1 - Basic data partition | Offset (sectors): 264192 | Size: 3815318 MB
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive3: SanDisk SDSSDHII240G ATA Device +++++
--- User ---
[MBR] 4ac989bcdadd19886cd4f798205592b9
[BSP] b3b6cd81f4fb69049766c8f4469d1f5f : Windows Vista/7/8|VT.Unknown MBR Code
Partition table:
0 - [MAN-MOUNT] Microsoft reserved partition | Offset (sectors): 206848 | Size: 128 MB
1 - | Offset (sectors): 2048 | Size: 100 MB
2 - | Offset (sectors): 468992 | Size: 228707 MB
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive4: Seagate Expansion Desk USB Device +++++
Error reading User MBR! ([57] The parameter is incorrect. )
Error reading LL1 MBR! ([79] The semaphore timeout period has expired. )
Error reading LL2 MBR! ([32] The request is not supported. )