RogueKiller V8.8.15 _x64_ [Mar 27 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com
Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : admin [Admin rights]
Mode : Scan -- Date : 04/21/2014 09:45:20
| ARK || FAK || MBR |
¤¤¤ Bad processes : 0 ¤¤¤
¤¤¤ Registry Entries : 0 ¤¤¤
¤¤¤ Scheduled tasks : 0 ¤¤¤
¤¤¤ Startup Entries : 0 ¤¤¤
¤¤¤ Web browsers : 0 ¤¤¤
¤¤¤ Browser Addons : 0 ¤¤¤
¤¤¤ Particular Files / Folders: ¤¤¤
¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤
[Address] EAT @explorer.exe (DsAddressToSiteNamesA) : DNSAPI.dll -> HOOKED (C:\Windows\system32\LOGONCLI.DLL @ 0xFB93CF80)
[Address] EAT @explorer.exe (DsAddressToSiteNamesExA) : DNSAPI.dll -> HOOKED (C:\Windows\system32\LOGONCLI.DLL @ 0xFB93D3C8)
[Address] EAT @explorer.exe (DsAddressToSiteNamesExW) : DNSAPI.dll -> HOOKED (C:\Windows\system32\LOGONCLI.DLL @ 0xFB93D828)
[Address] EAT @explorer.exe (DsAddressToSiteNamesW) : DNSAPI.dll -> HOOKED (C:\Windows\system32\LOGONCLI.DLL @ 0xFB93D234)
[Address] EAT @explorer.exe (DsDeregisterDnsHostRecordsA) : DNSAPI.dll -> HOOKED (C:\Windows\system32\LOGONCLI.DLL @ 0xFB93F214)
[Address] EAT @explorer.exe (DsDeregisterDnsHostRecordsW) : DNSAPI.dll -> HOOKED (C:\Windows\system32\LOGONCLI.DLL @ 0xFB93F1BC)
[Address] EAT @explorer.exe (DsEnumerateDomainTrustsA) : DNSAPI.dll -> HOOKED (C:\Windows\system32\LOGONCLI.DLL @ 0xFB93EB80)
[Address] EAT @explorer.exe (DsEnumerateDomainTrustsW) : DNSAPI.dll -> HOOKED (C:\Windows\system32\LOGONCLI.DLL @ 0xFB937A6C)
[Address] EAT @explorer.exe (DsGetDcCloseW) : DNSAPI.dll -> HOOKED (C:\Windows\system32\LOGONCLI.DLL @ 0xFB93C844)
[Address] EAT @explorer.exe (DsGetDcNameA) : DNSAPI.dll -> HOOKED (C:\Windows\system32\LOGONCLI.DLL @ 0xFB93C850)
[Address] EAT @explorer.exe (DsGetDcNameW) : DNSAPI.dll -> HOOKED (C:\Windows\system32\LOGONCLI.DLL @ 0xFB9314C0)
[Address] EAT @explorer.exe (DsGetDcNameWithAccountA) : DNSAPI.dll -> HOOKED (C:\Windows\system32\LOGONCLI.DLL @ 0xFB93C888)
[Address] EAT @explorer.exe (DsGetDcNameWithAccountW) : DNSAPI.dll -> HOOKED (C:\Windows\system32\LOGONCLI.DLL @ 0xFB93129C)
[Address] EAT @explorer.exe (DsGetDcNextA) : DNSAPI.dll -> HOOKED (C:\Windows\system32\LOGONCLI.DLL @ 0xFB93C75C)
[Address] EAT @explorer.exe (DsGetDcNextW) : DNSAPI.dll -> HOOKED (C:\Windows\system32\LOGONCLI.DLL @ 0xFB93C690)
[Address] EAT @explorer.exe (DsGetDcOpenA) : DNSAPI.dll -> HOOKED (C:\Windows\system32\LOGONCLI.DLL @ 0xFB93C58C)
[Address] EAT @explorer.exe (DsGetDcOpenW) : DNSAPI.dll -> HOOKED (C:\Windows\system32\LOGONCLI.DLL @ 0xFB93C47C)
[Address] EAT @explorer.exe (DsGetDcSiteCoverageA) : DNSAPI.dll -> HOOKED (C:\Windows\system32\LOGONCLI.DLL @ 0xFB93DA9C)
[Address] EAT @explorer.exe (DsGetDcSiteCoverageW) : DNSAPI.dll -> HOOKED (C:\Windows\system32\LOGONCLI.DLL @ 0xFB93DD5C)
[Address] EAT @explorer.exe (DsGetForestTrustInformationW) : DNSAPI.dll -> HOOKED (C:\Windows\system32\LOGONCLI.DLL @ 0xFB93F2EC)
[Address] EAT @explorer.exe (DsGetSiteNameA) : DNSAPI.dll -> HOOKED (C:\Windows\system32\LOGONCLI.DLL @ 0xFB93CEE0)
[Address] EAT @explorer.exe (DsGetSiteNameW) : DNSAPI.dll -> HOOKED (C:\Windows\system32\LOGONCLI.DLL @ 0xFB937578)
[Address] EAT @explorer.exe (DsMergeForestTrustInformationW) : DNSAPI.dll -> HOOKED (C:\Windows\system32\LOGONCLI.DLL @ 0xFB93F3B0)
[Address] EAT @explorer.exe (DsValidateSubnetNameA) : DNSAPI.dll -> HOOKED (C:\Windows\system32\LOGONCLI.DLL @ 0xFB93CD8C)
[Address] EAT @explorer.exe (DsValidateSubnetNameW) : DNSAPI.dll -> HOOKED (C:\Windows\system32\LOGONCLI.DLL @ 0xFB93CDD8)
[Address] EAT @explorer.exe (I_DsUpdateReadOnlyServerDnsRecords) : DNSAPI.dll -> HOOKED (C:\Windows\system32\LOGONCLI.DLL @ 0xFB93DF08)
[Address] EAT @explorer.exe (I_NetAccountDeltas) : DNSAPI.dll -> HOOKED (C:\Windows\system32\LOGONCLI.DLL @ 0xFB93E6D0)
[Address] EAT @explorer.exe (I_NetAccountSync) : DNSAPI.dll -> HOOKED (C:\Windows\system32\LOGONCLI.DLL @ 0xFB93E6D0)
[Address] EAT @explorer.exe (I_NetChainSetClientAttributes) : DNSAPI.dll -> HOOKED (C:\Windows\system32\LOGONCLI.DLL @ 0xFB93F408)
[Address] EAT @explorer.exe (I_NetChainSetClientAttributes2) : DNSAPI.dll -> HOOKED (C:\Windows\system32\LOGONCLI.DLL @ 0xFB93F48C)
[Address] EAT @explorer.exe (I_NetDatabaseDeltas) : DNSAPI.dll -> HOOKED (C:\Windows\system32\LOGONCLI.DLL @ 0xFB93E6D0)
[Address] EAT @explorer.exe (I_NetDatabaseRedo) : DNSAPI.dll -> HOOKED (C:\Windows\system32\LOGONCLI.DLL @ 0xFB93E6D0)
[Address] EAT @explorer.exe (I_NetDatabaseSync) : DNSAPI.dll -> HOOKED (C:\Windows\system32\LOGONCLI.DLL @ 0xFB93E6D0)
[Address] EAT @explorer.exe (I_NetDatabaseSync2) : DNSAPI.dll -> HOOKED (C:\Windows\system32\LOGONCLI.DLL @ 0xFB93E6D0)
[Address] EAT @explorer.exe (I_NetGetDCList) : DNSAPI.dll -> HOOKED (C:\Windows\system32\LOGONCLI.DLL @ 0xFB93E18C)
[Address] EAT @explorer.exe (I_NetGetForestTrustInformation) : DNSAPI.dll -> HOOKED (C:\Windows\system32\LOGONCLI.DLL @ 0xFB93F350)
[Address] EAT @explorer.exe (I_NetLogonControl) : DNSAPI.dll -> HOOKED (C:\Windows\system32\LOGONCLI.DLL @ 0xFB93E6DC)
[Address] EAT @explorer.exe (I_NetLogonControl2) : DNSAPI.dll -> HOOKED (C:\Windows\system32\LOGONCLI.DLL @ 0xFB93E730)
[Address] EAT @explorer.exe (I_NetLogonGetCapabilities) : DNSAPI.dll -> HOOKED (C:\Windows\system32\LOGONCLI.DLL @ 0xFB9322D0)
[Address] EAT @explorer.exe (I_NetLogonGetDomainInfo) : DNSAPI.dll -> HOOKED (C:\Windows\system32\LOGONCLI.DLL @ 0xFB9321DC)
[Address] EAT @explorer.exe (I_NetLogonSamLogoff) : DNSAPI.dll -> HOOKED (C:\Windows\system32\LOGONCLI.DLL @ 0xFB93E460)
[Address] EAT @explorer.exe (I_NetLogonSamLogon) : DNSAPI.dll -> HOOKED (C:\Windows\system32\LOGONCLI.DLL @ 0xFB93E2E8)
[Address] EAT @explorer.exe (I_NetLogonSamLogonEx) : DNSAPI.dll -> HOOKED (C:\Windows\system32\LOGONCLI.DLL @ 0xFB93E394)
[Address] EAT @explorer.exe (I_NetLogonSamLogonWithFlags) : DNSAPI.dll -> HOOKED (C:\Windows\system32\LOGONCLI.DLL @ 0xFB937D2C)
[Address] EAT @explorer.exe (I_NetLogonSendToSam) : DNSAPI.dll -> HOOKED (C:\Windows\system32\LOGONCLI.DLL @ 0xFB93E4C8)
[Address] EAT @explorer.exe (I_NetLogonUasLogoff) : DNSAPI.dll -> HOOKED (C:\Windows\system32\LOGONCLI.DLL @ 0xFB93E2A8)
[Address] EAT @explorer.exe (I_NetLogonUasLogon) : DNSAPI.dll -> HOOKED (C:\Windows\system32\LOGONCLI.DLL @ 0xFB93E268)
[Address] EAT @explorer.exe (I_NetServerAuthenticate) : DNSAPI.dll -> HOOKED (C:\Windows\system32\LOGONCLI.DLL @ 0xFB93E528)
[Address] EAT @explorer.exe (I_NetServerAuthenticate2) : DNSAPI.dll -> HOOKED (C:\Windows\system32\LOGONCLI.DLL @ 0xFB93E588)
[Address] EAT @explorer.exe (I_NetServerAuthenticate3) : DNSAPI.dll -> HOOKED (C:\Windows\system32\LOGONCLI.DLL @ 0xFB932260)
[Address] EAT @explorer.exe (I_NetServerGetTrustInfo) : DNSAPI.dll -> HOOKED (C:\Windows\system32\LOGONCLI.DLL @ 0xFB93F0F4)
[Address] EAT @explorer.exe (I_NetServerPasswordGet) : DNSAPI.dll -> HOOKED (C:\Windows\system32\LOGONCLI.DLL @ 0xFB93F010)
[Address] EAT @explorer.exe (I_NetServerPasswordSet) : DNSAPI.dll -> HOOKED (C:\Windows\system32\LOGONCLI.DLL @ 0xFB93E5F4)
[Address] EAT @explorer.exe (I_NetServerPasswordSet2) : DNSAPI.dll -> HOOKED (C:\Windows\system32\LOGONCLI.DLL @ 0xFB93E660)
[Address] EAT @explorer.exe (I_NetServerReqChallenge) : DNSAPI.dll -> HOOKED (C:\Windows\system32\LOGONCLI.DLL @ 0xFB931FB4)
[Address] EAT @explorer.exe (I_NetServerTrustPasswordsGet) : DNSAPI.dll -> HOOKED (C:\Windows\system32\LOGONCLI.DLL @ 0xFB93F07C)
[Address] EAT @explorer.exe (I_NetlogonComputeClientDigest) : DNSAPI.dll -> HOOKED (C:\Windows\system32\LOGONCLI.DLL @ 0xFB937630)
[Address] EAT @explorer.exe (I_NetlogonComputeServerDigest) : DNSAPI.dll -> HOOKED (C:\Windows\system32\LOGONCLI.DLL @ 0xFB93EFB0)
[Address] EAT @explorer.exe (I_NetlogonGetTrustRid) : DNSAPI.dll -> HOOKED (C:\Windows\system32\LOGONCLI.DLL @ 0xFB9375C4)
[Address] EAT @explorer.exe (I_RpcExtInitializeExtensionPoint) : DNSAPI.dll -> HOOKED (C:\Windows\system32\LOGONCLI.DLL @ 0xFB93FA78)
[Address] EAT @explorer.exe (NetAddServiceAccount) : DNSAPI.dll -> HOOKED (C:\Windows\system32\LOGONCLI.DLL @ 0xFB93F510)
[Address] EAT @explorer.exe (NetEnumerateServiceAccounts) : DNSAPI.dll -> HOOKED (C:\Windows\system32\LOGONCLI.DLL @ 0xFB93F59C)
[Address] EAT @explorer.exe (NetEnumerateTrustedDomains) : DNSAPI.dll -> HOOKED (C:\Windows\system32\LOGONCLI.DLL @ 0xFB93E864)
[Address] EAT @explorer.exe (NetGetAnyDCName) : DNSAPI.dll -> HOOKED (C:\Windows\system32\LOGONCLI.DLL @ 0xFB93CD4C)
[Address] EAT @explorer.exe (NetGetDCName) : DNSAPI.dll -> HOOKED (C:\Windows\system32\LOGONCLI.DLL @ 0xFB937B14)
[Address] EAT @explorer.exe (NetIsServiceAccount) : DNSAPI.dll -> HOOKED (C:\Windows\system32\LOGONCLI.DLL @ 0xFB93F63C)
[Address] EAT @explorer.exe (NetLogonGetTimeServiceParentDomain) : DNSAPI.dll -> HOOKED (C:\Windows\system32\LOGONCLI.DLL @ 0xFB93F17C)
[Address] EAT @explorer.exe (NetLogonSetServiceBits) : DNSAPI.dll -> HOOKED (C:\Windows\system32\LOGONCLI.DLL @ 0xFB9375FC)
[Address] EAT @explorer.exe (NetQueryServiceAccount) : DNSAPI.dll -> HOOKED (C:\Windows\system32\LOGONCLI.DLL @ 0xFB93F69C)
[Address] EAT @explorer.exe (NetRemoveServiceAccount) : DNSAPI.dll -> HOOKED (C:\Windows\system32\LOGONCLI.DLL @ 0xFB93F558)
[Address] EAT @explorer.exe (NlBindingAddServerToCache) : DNSAPI.dll -> HOOKED (C:\Windows\system32\LOGONCLI.DLL @ 0xFB931FF0)
[Address] EAT @explorer.exe (NlBindingRemoveServerFromCache) : DNSAPI.dll -> HOOKED (C:\Windows\system32\LOGONCLI.DLL @ 0xFB937A00)
[Address] EAT @explorer.exe (NlBindingSetAuthInfo) : DNSAPI.dll -> HOOKED (C:\Windows\system32\LOGONCLI.DLL @ 0xFB931F20)
¤¤¤ External Hives: ¤¤¤
¤¤¤ Infection : ¤¤¤
¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts
¤¤¤ MBR Check: ¤¤¤
+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) Hitachi HTS725032A9A364 +++++
--- User ---
[MBR] f161517b7e592ef3b2bf9c3a44598507
[BSP] e8f54dba0a0567898fa8d649484e9b5a : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 13312 MB
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 27265024 | Size: 84 MB
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 27469824 | Size: 291831 MB
User = LL1 ... OK!
User = LL2 ... OK!
Finished : << RKreport[0]_S_04212014_094520.txt >>
RKreport[0]_D_04062014_131418.txt;RKreport[0]_D_11082013_171321.txt;RKreport[0]_S_03012014_083643.txt
RKreport[0]_S_03012014_083828.txt;RKreport[0]_S_04042014_114440.txt;RKreport[0]_S_04062014_123918.txt
RKreport[0]_S_04062014_131105.txt;RKreport[0]_S_04062014_131306.txt;RKreport[0]_S_04182014_122242.txt
RKreport[0]_S_04182014_122650.txt;RKreport[0]_S_04182014_123146.txt;RKreport[0]_S_04212014_094025.txt
RKreport[0]_S_10012013_065250.txt;RKreport[0]_S_10122013_051007.txt;RKreport[0]_S_10122013_055149.txt
RKreport[0]_S_10302013_083045.txt;RKreport[0]_S_11082013_163846.txt;RKreport[0]_S_11102013_070558.txt
RKreport[0]_S_12302013_081049.txt