RogueKiller / Re: ===> False Positives <===
« on: March 11, 2016, 02:53:11 AM »
Are all of these false positives?
RogueKiller V12.0.1.0 (x64) [Mar 7 2016] (Free) by Adlice Software
Operating System : Windows 10 (10.0.10586) 64 bits version
Started in : Normal mode
User : [Administrator]
Started from : C:\Program Files\RogueKiller\RogueKiller64.exe
Mode : Scan -- Date : 03/10/2016 19:56:01
¤¤¤ Processes : 3 ¤¤¤
[Proc.RunPE] igfxtray.exe(5208) -- C:\Windows\System32\igfxTray.exe
¤¤¤ Registry : 12 ¤¤¤
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-679388669-3697153169-3940493748-1001\Software\Microsoft\Internet Explorer\Main | Start Page : http://asus13.msn.com/?pc=ASJB -> Found
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-679388669-3697153169-3940493748-1001\Software\Microsoft\Internet Explorer\Main | Start Page : http://asus13.msn.com/?pc=ASJB -> Found
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-679388669-3697153169-3940493748-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main | Start Page : http://asus13.msn.com/?pc=ASJB -> Found
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-679388669-3697153169-3940493748-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main | Start Page : http://asus13.msn.com/?pc=ASJB -> Found
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-679388669-3697153169-3940493748-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main | Start Page : http://asus13.msn.com/?pc=ASJB -> Found
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-679388669-3697153169-3940493748-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main | Start Page : http://asus13.msn.com/?pc=ASJB -> Found
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-679388669-3697153169-3940493748-1001\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : http://asus13.msn.com/?pc=ASJB -> Found
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-679388669-3697153169-3940493748-1001\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : http://asus13.msn.com/?pc=ASJB -> Found
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-679388669-3697153169-3940493748-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : http://asus13.msn.com/?pc=ASJB -> Found
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-679388669-3697153169-3940493748-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : http://asus13.msn.com/?pc=ASJB -> Found
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-679388669-3697153169-3940493748-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : http://asus13.msn.com/?pc=ASJB -> Found
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-679388669-3697153169-3940493748-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : http://asus13.msn.com/?pc=ASJB -> Found
¤¤¤ Tasks : 0 ¤¤¤
¤¤¤ Files : 1 ¤¤¤
[Hj.Name][File] C:\Users\Ima\AppData\Local\Temp\44645a3\winlogon.exe -> Found
¤¤¤ Hosts File : 0 ¤¤¤
¤¤¤ Antirootkit : 0 (Driver: Not loaded [0x0]) ¤¤¤
¤¤¤ Web browsers : 0 ¤¤¤
¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: ST500LT012-1DG142 +++++
--- User ---
[MBR] beb9253c14cd2e84d0c7c51fca657a43
[BSP] b3fc247e62bdab1f7acf574a70a921f8 : Empty MBR Code
Partition table:
0 - [MAN-MOUNT] EFI system partition | Offset (sectors): 2048 | Size: 100 MB
1 - [SYSTEM][MAN-MOUNT] Basic data partition | Offset (sectors): 206848 | Size: 900 MB
2 - [MAN-MOUNT] Microsoft reserved partition | Offset (sectors): 2050048 | Size: 128 MB
3 - Basic data partition | Offset (sectors): 2312192 | Size: 190776 MB
4 - Basic data partition | Offset (sectors): 393021440 | Size: 264545 MB
5 - [SYSTEM][MAN-MOUNT] Basic data partition | Offset (sectors): 934809600 | Size: 20490 MB
User = LL1 ... OK
User = LL2 ... OK