Author Topic: [Split]RogueKiller detect threat  (Read 6766 times)

SidVicious

« on: March 03, 2017, 10:38:30 PM »
I have the following report from RogueKiller and I am not sure what is good and bad. Please help.

RogueKiller V12.9.9.0 (x64) [Feb 27 2017] (Free) by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Website : http://www.adlice.com/download/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 10 (10.0.14393) 64 bits version
Started in : Normal mode
User : Vicious [Administrator]
Started from : C:\Users\Vicious\Downloads\RogueKillerX64.exe
Mode : Scan -- Date : 03/03/2017 18:44:34 (Duration : 02:40:55)

¤¤¤ Processes : 0 ¤¤¤

¤¤¤ Registry : 13 ¤¤¤
[PUP.Gen1] (X86) HKEY_LOCAL_MACHINE\Software\AVG Security Toolbar -> Found
[PUP.Gen1] (X64) HKEY_USERS\S-1-5-21-3021216095-2796965564-4292562260-1001\Software\Escolade -> Found
[PUP.Gen1] (X64) HKEY_USERS\S-1-5-21-3021216095-2796965564-4292562260-1001\Software\eSupport.com -> Found
[PUP.Gen1] (X64) HKEY_USERS\S-1-5-21-3021216095-2796965564-4292562260-1001\Software\iLivid -> Found
[PUP.Gen1] (X64) HKEY_USERS\S-1-5-21-3021216095-2796965564-4292562260-1001\Software\SaveDailyDeals -> Found
[PUP.Gen1] (X64) HKEY_USERS\S-1-5-21-3021216095-2796965564-4292562260-1001\Software\USyndication -> Found
[PUP.Gen1] (X64) HKEY_USERS\S-1-5-21-3021216095-2796965564-4292562260-1001\Software\usyndication.com -> Found
[PUP.Gen1] (X86) HKEY_USERS\S-1-5-21-3021216095-2796965564-4292562260-1001\Software\Escolade -> Found
[PUP.Gen1] (X86) HKEY_USERS\S-1-5-21-3021216095-2796965564-4292562260-1001\Software\eSupport.com -> Found
[PUP.Gen1] (X86) HKEY_USERS\S-1-5-21-3021216095-2796965564-4292562260-1001\Software\iLivid -> Found
[PUP.Gen1] (X86) HKEY_USERS\S-1-5-21-3021216095-2796965564-4292562260-1001\Software\SaveDailyDeals -> Found
[PUP.Gen1] (X86) HKEY_USERS\S-1-5-21-3021216095-2796965564-4292562260-1001\Software\USyndication -> Found
[PUP.Gen1] (X86) HKEY_USERS\S-1-5-21-3021216095-2796965564-4292562260-1001\Software\usyndication.com -> Found

¤¤¤ Tasks : 1 ¤¤¤
[Hj.Name] \Auslogics\Disk Defrag\Scheduled Defragmentation -- rundll32.exe (TaskSchedulerHelper.dll,RunTask "DiskDefrag.exe" "-UseTray -Scheduler") -> Found

¤¤¤ Files : 14 ¤¤¤
[PUP.Gen1][Folder] C:\ProgramData\Ask -> Found
[PUP.Gen1][Folder] C:\ProgramData\AVG SafeGuard toolbar -> Found
[PUP.Gen1][Folder] C:\ProgramData\SecTaskMan -> Found
[PUP.Gen1][Folder] C:\Users\Vicious\AppData\Roaming\iSafe -> Found
[PUP.Gen1][Folder] C:\Users\Vicious\AppData\Roaming\Oxy -> Found
[PUP.Gen1][Folder] C:\Users\Vicious\AppData\Local\AVG SafeGuard toolbar -> Found
[PUP.Gen1][Folder] C:\Users\Vicious\AppData\Local\AVG Secure Search -> Found
[PUP.Gen1][Folder] C:\Users\Vicious\AppData\Local\genienext -> Found
[PUP.Gen0|PUP.Gen1][Folder] C:\Users\Vicious\AppData\Local\iLivid -> Found
[PUP.Gen1][Folder] C:\Users\Vicious\AppData\Local\Oxy -> Found
[PUP.Gen1][Folder] C:\ProgramData\Ask -> Found
[PUP.Gen1][Folder] C:\ProgramData\AVG SafeGuard toolbar -> Found
[PUP.Gen1][Folder] C:\ProgramData\SecTaskMan -> Found
[PUP.Gen1][Folder] C:\Program Files (x86)\AVG SafeGuard toolbar -> Found

¤¤¤ WMI : 0 ¤¤¤

¤¤¤ Hosts File : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Loaded) ¤¤¤

¤¤¤ Web browsers : 1 ¤¤¤
[PUM.HomePage][Chrome:Config] Default [SecurePrefs] : session.startup_urls [http://www.google.com/|http://start.sweetpacks.com/?src=10&st=12&crg=3.5000006.10042&barid={4E9E9C7A-AB8D-11E2-9ABA-4C72B913DC8E}|http://search.conduit.com/?ctid=CT3284668&SearchSource=48&CUI=UN11736703753459508&UM=2|http://mysearch.avg.com?cid={599D77C0-6D78-4792-84AA-60886F8E8DE5}&mid=9b4f96170f7c48ebb3103236338b7519-411b315f78332a6cdae34604df4bca0c9e3ad9e3&lang=en&ds=hk018&coid=avgtbdishk&cmpid=&pr=sa&d=2014-02-05 14:23:01&v=17.3.1.204&pid=safeguard&sg=0&sap=hp|http://www.google.com/|http://start.sweetpacks.com/?src=10&st=12&crg=3.5000006.10042&barid={599D77C0-6D78-4792-84AA-60886F8E8DE5}&SearchSource=48&CUI=UN11736703753459508&UM=2|http://mysearch.avg.com?cid={599D77C0-6D78-4792-84AA-60886F8E8DE5}&mid=9b4f96170f7c48ebb3103236338b7519-411b315f78332a6cdae34604df4bca0c9e3ad9e3&lang=en&ds=hk018&coid=avgtbdishk&cmpid=&pr=sa&d=2014-02-05 14:23:01&v=17.3.1.204&pid=safeguard&sg=0&sap=hp] -> Found

¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: TOSHIBA MK3261GSYN +++++
--- User ---
[MBR] a297c6716c3181b1f422f4d08ad604a3
[BSP] fb8a06a03531d3cba91e55d3af6e1fa9 : Windows Vista/7/8|VT.Unknown MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 305143 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive1: Seagate BUP Slim BK SCSI Disk Device +++++
--- User ---
[MBR] 3c79c9f094b9f7614d55e48a5391cb79
[BSP] 1f9afcc2b75524cfd44733a46f2d5dcf : Empty|VT.Unknown MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 1907726 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
Error reading LL2 MBR! ([1] Incorrect function. )

+++++ PhysicalDrive2: Generic- Multi-Card USB Device +++++
Error reading User MBR! ([15] The device is not ready. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] The request is not supported. )


Curson

« Reply #1 on: March 03, 2017, 11:42:39 PM »
Hi SidVicious,

Welcome to the Adlice.com forum.
Your computer is infected by some adware. You can select everything for deletion except the following entry:
Quote
[Hj.Name] \Auslogics\Disk Defrag\Scheduled Defragmentation -- rundll32.exe (TaskSchedulerHelper.dll,RunTask "DiskDefrag.exe" "-UseTray -Scheduler")
This is a false positive. We will fix this as soon as possible.

Regards.

NOTE: Your post has been split into a new thread for clarity.

SidVicious

« Reply #2 on: March 04, 2017, 12:03:45 AM »
Okay, I'll do that. Thank you very much for the help.

Curson

« Reply #3 on: March 04, 2017, 12:19:23 AM »
Hi SidVicious,

You are very welcome.

Regards.

SidVicious

« Reply #4 on: March 04, 2017, 01:23:34 AM »
Huge difference in performance after doing that, freaking great. Thanks again.

Curson

« Reply #5 on: March 04, 2017, 02:33:07 PM »
Hi SidVicious,

Thanks for your feedback.
You are welcome.

Regards.