Author Topic: Problem deciphering RogueKiller log  (Read 6125 times)


Hemanse

  • Guest
« on: May 27, 2014, 05:40:07 AM »
I'm sorry to write here. I've been trying to ask around, but have yet to get an answer. Almost every other piece of cleaning software I run shows nothing, but when I ran RogueKiller today I found something I haven't seen before. Hopefully a friendly soul can maybe help me out.

Quote
RogueKiller V8.8.15 _x64_ [Mar 27 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Website : http://www.adlice.co...es/roguekiller/
Blog : http://www.adlice.com
 
Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Rasmus [Admin rights]
Mode : Scan -- Date : 05/27/2014 00:35:34
| ARK || FAK || MBR |
 
¤¤¤ Bad processes : 0 ¤¤¤
 
¤¤¤ Registry Entries : 0 ¤¤¤
 
¤¤¤ Scheduled tasks : 0 ¤¤¤
 
¤¤¤ Startup Entries : 0 ¤¤¤
 
¤¤¤ Web browsers : 0 ¤¤¤
 
¤¤¤ Browser Addons : 1 ¤¤¤
[CHR][PUP] Default : Bejeweled
 
¤¤¤ Particular Files / Folders: ¤¤¤
 
¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤
[Address] EAT @explorer.exe (WlanAllocateMemory) : wwapi.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xEBFC8AC8)
[Address] EAT @explorer.exe (WlanCloseHandle) : wwapi.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xEBFC38A0)
[Address] EAT @explorer.exe (WlanConnect) : wwapi.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xEBFC5558)
[Address] EAT @explorer.exe (WlanDeleteProfile) : wwapi.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xEBFC6D10)
[Address] EAT @explorer.exe (WlanDisconnect) : wwapi.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xEBFC57E8)
[Address] EAT @explorer.exe (WlanEnumInterfaces) : wwapi.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xEBFC3A80)
[Address] EAT @explorer.exe (WlanExtractPsdIEDataList) : wwapi.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xEBFC8394)
[Address] EAT @explorer.exe (WlanFreeMemory) : wwapi.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xEBFCA5A0)
[Address] EAT @explorer.exe (WlanGetAvailableNetworkList) : wwapi.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xEBFC4F88)
[Address] EAT @explorer.exe (WlanGetFilterList) : wwapi.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xEBFC7F9C)
[Address] EAT @explorer.exe (WlanGetInterfaceCapability) : wwapi.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xEBFC4188)
[Address] EAT @explorer.exe (WlanGetNetworkBssList) : wwapi.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xEBFC5268)
[Address] EAT @explorer.exe (WlanGetProfile) : wwapi.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xEBFC6A20)
[Address] EAT @explorer.exe (WlanGetProfileCustomUserData) : wwapi.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xEBFC7B1C)
[Address] EAT @explorer.exe (WlanGetProfileList) : wwapi.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xEBFC7404)
[Address] EAT @explorer.exe (WlanGetSecuritySettings) : wwapi.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xEBFC8D88)
[Address] EAT @explorer.exe (WlanHostedNetworkForceStart) : wwapi.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xEBFC935C)
[Address] EAT @explorer.exe (WlanHostedNetworkForceStop) : wwapi.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xEBFC9418)
[Address] EAT @explorer.exe (WlanHostedNetworkInitSettings) : wwapi.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xEBFC99D8)
[Address] EAT @explorer.exe (WlanHostedNetworkQueryProperty) : wwapi.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xEBFC94D4)
[Address] EAT @explorer.exe (WlanHostedNetworkQuerySecondaryKey) : wwapi.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xEBFCA020)
[Address] EAT @explorer.exe (WlanHostedNetworkQueryStatus) : wwapi.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xEBFC9B50)
[Address] EAT @explorer.exe (WlanHostedNetworkRefreshSecuritySettings) : wwapi.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xEBFC9A94)
[Address] EAT @explorer.exe (WlanHostedNetworkSetProperty) : wwapi.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xEBFC9744)
[Address] EAT @explorer.exe (WlanHostedNetworkSetSecondaryKey) : wwapi.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xEBFC9D78)
[Address] EAT @explorer.exe (WlanHostedNetworkStartUsing) : wwapi.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xEBFC91EC)
[Address] EAT @explorer.exe (WlanHostedNetworkStopUsing) : wwapi.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xEBFC92A4)
[Address] EAT @explorer.exe (WlanIhvControl) : wwapi.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xEBFC4A00)
[Address] EAT @explorer.exe (WlanOpenHandle) : wwapi.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xEBFC1960)
[Address] EAT @explorer.exe (WlanQueryAutoConfigParameter) : wwapi.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xEBFC3EE8)
[Address] EAT @explorer.exe (WlanQueryInterface) : wwapi.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xEBFC4668)
[Address] EAT @explorer.exe (WlanReasonCodeToString) : wwapi.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xEBFC8A54)
[Address] EAT @explorer.exe (WlanRegisterNotification) : wwapi.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xEBFC5A08)
[Address] EAT @explorer.exe (WlanRegisterVirtualStationNotification) : wwapi.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xEBFCA358)
[Address] EAT @explorer.exe (WlanRenameProfile) : wwapi.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xEBFC6F4C)
[Address] EAT @explorer.exe (WlanSaveTemporaryProfile) : wwapi.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xEBFC87D0)
[Address] EAT @explorer.exe (WlanScan) : wwapi.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xEBFC4D40)
[Address] EAT @explorer.exe (WlanSetAutoConfigParameter) : wwapi.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xEBFC3D10)
[Address] EAT @explorer.exe (WlanSetFilterList) : wwapi.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xEBFC7DCC)
[Address] EAT @explorer.exe (WlanSetInterface) : wwapi.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xEBFC4470)
[Address] EAT @explorer.exe (WlanSetProfile) : wwapi.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xEBFC6760)
[Address] EAT @explorer.exe (WlanSetProfileCustomUserData) : wwapi.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xEBFC78A4)
[Address] EAT @explorer.exe (WlanSetProfileEapUserData) : wwapi.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xEBFC5CC4)
[Address] EAT @explorer.exe (WlanSetProfileEapXmlUserData) : wwapi.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xEBFC5F9C)
[Address] EAT @explorer.exe (WlanSetProfileList) : wwapi.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xEBFC71A8)
[Address] EAT @explorer.exe (WlanSetProfilePosition) : wwapi.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xEBFC7644)
[Address] EAT @explorer.exe (WlanSetPsdIEDataList) : wwapi.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xEBFC81B0)
[Address] EAT @explorer.exe (WlanSetSecuritySettings) : wwapi.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xEBFC8B58)
 
¤¤¤ External Hives: ¤¤¤
 
¤¤¤ Infection : PUP ¤¤¤
 
¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts
 
 
127.0.0.1       localhost
 
 
¤¤¤ MBR Check: ¤¤¤
 
+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) Samsung SSD 840 EVO 120GB ATA Device +++++
--- User ---
[MBR] b358815a4acdc2ad9fae130945ef537a
[BSP] e5c2d2ad33351211130728c3c9757de9 : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 114471 MB
User = LL1 ... OK!
User = LL2 ... OK!
 
+++++ PhysicalDrive1: (\\.\PHYSICALDRIVE1 @ IDE) Samsung SSD 840 PRO Series ATA Device +++++
--- User ---
[MBR] 7f9a6d073aa91afc1c6baee0d1b3e676
[BSP] 9ea6294610e5f4ef79e441599a57feb1 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 244096 MB
User = LL1 ... OK!
User = LL2 ... OK!
 
+++++ PhysicalDrive2: (\\.\PHYSICALDRIVE2 @ IDE) WDC WD10EARS-00Y5B1 ATA Device +++++
--- User ---
[MBR] 7dc9c1a2183cee96a21fb3ab5407dac1
[BSP] eb8d6fc1b551e41ae818f154951faa4c : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 953867 MB
User = LL1 ... OK!
User = LL2 ... OK!
 
Finished : << RKreport[0]_S_05272014_003534.txt >>
RKreport[0]_D_05272014_003114.txt;RKreport[0]_S_05272014_002655.txt

This is the log. What I'm worried about is the Driver section; I've never seen that before and I'm not really sure what it means. I have been trying to search for answers but have not been able to find anything helpful.

Thanks in advance to anyone that can help out ;)


Tigzy

  • Administrator
    Owner, Adlice Software
Re: Problem deciphering RogueKiller log
« Reply #1 on: May 27, 2014, 04:45:32 PM »
Hello
No problem, that's legit DLL :)


Hemanse

  • Guest
Re: Problem deciphering RogueKiller log
« Reply #2 on: May 27, 2014, 07:46:59 PM »
Quote
Hello
No problem, that's legit DLL :)

Thank you, and thanks for the very fast reply.