Author Topic: Check Log  (Read 5063 times)

June 10, 2017, 02:25:17 AM

Alcatraz57

Hey, I just downloaded and ran the RogueKiller app, and it found this. Can somebody check these logs, please? Thanks in advance.
I am using the Czech version; if you don't understand, write or try to use Google Translate  ;)

RogueKiller V12.11.1.0 (x64) [Jun  4 2017] (Free) by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : https://forum.adlice.com
Webová stránka : http://www.adlice.com/download/roguekiller/
Blog : http://www.adlice.com

Operační systém : Windows 10 (10.0.15063) 64 bits version
Spuštěno : Normální režim
Uživatel : Tomá? [Práva správce]
Started from : C:\Program Files\RogueKiller\RogueKiller64.exe
Mód : Prohledat -- Datum : 06/10/2017 01:30:11 (Duration : 00:45:40)

¤¤¤ Procesy : 0 ¤¤¤

¤¤¤ Registry : 51 ¤¤¤
[PUP.Gen1] (X64) HKEY_LOCAL_MACHINE\Software\Tarma Installer -> Nalezeno
[PUP.Gen1] (X86) HKEY_LOCAL_MACHINE\Software\AVG Secure Search -> Nalezeno
[PUP.Gen1] (X86) HKEY_LOCAL_MACHINE\Software\AVG Security Toolbar -> Nalezeno
[PUP.Gen1] (X86) HKEY_LOCAL_MACHINE\Software\Babylon -> Nalezeno
[PUP.Gen1] (X86) HKEY_LOCAL_MACHINE\Software\DataMngr -> Nalezeno
[PUP.Gen1] (X86) HKEY_LOCAL_MACHINE\Software\GoforFiles -> Nalezeno
[PUP.Gen1] (X64) HKEY_USERS\.DEFAULT\Software\IBUpdaterService -> Nalezeno
[PUP.Gen1] (X86) HKEY_USERS\.DEFAULT\Software\IBUpdaterService -> Nalezeno
[PUP.Gen1] (X64) HKEY_USERS\S-1-5-21-1138898226-1082804455-2059548805-1001\Software\1ClickDownload -> Nalezeno
[PUP.Gen1] (X64) HKEY_USERS\S-1-5-21-1138898226-1082804455-2059548805-1001\Software\APN -> Nalezeno
[PUP.Gen1] (X64) HKEY_USERS\S-1-5-21-1138898226-1082804455-2059548805-1001\Software\AVG Secure Search -> Nalezeno
[PUP.Gen1] (X64) HKEY_USERS\S-1-5-21-1138898226-1082804455-2059548805-1001\Software\BabylonToolbar -> Nalezeno
[PUP.Gen1] (X64) HKEY_USERS\S-1-5-21-1138898226-1082804455-2059548805-1001\Software\Cr_Installer -> Nalezeno
[PUP.Gen1] (X64) HKEY_USERS\S-1-5-21-1138898226-1082804455-2059548805-1001\Software\DataMngr -> Nalezeno
[PUP.Gen1] (X64) HKEY_USERS\S-1-5-21-1138898226-1082804455-2059548805-1001\Software\GoforFiles -> Nalezeno
[PUP.Gen1] (X64) HKEY_USERS\S-1-5-21-1138898226-1082804455-2059548805-1001\Software\iLivid -> Nalezeno
[PUP.Gen1] (X64) HKEY_USERS\S-1-5-21-1138898226-1082804455-2059548805-1001\Software\InstalledBrowserExtensions -> Nalezeno
[PUP.Gen1] (X64) HKEY_USERS\S-1-5-21-1138898226-1082804455-2059548805-1001\Software\PerformerSoft LLC -> Nalezeno
[PUP.Gen1] (X86) HKEY_USERS\S-1-5-21-1138898226-1082804455-2059548805-1001\Software\1ClickDownload -> Nalezeno
[PUP.Gen1] (X86) HKEY_USERS\S-1-5-21-1138898226-1082804455-2059548805-1001\Software\APN -> Nalezeno
[PUP.Gen1] (X86) HKEY_USERS\S-1-5-21-1138898226-1082804455-2059548805-1001\Software\AVG Secure Search -> Nalezeno
[PUP.Gen1] (X86) HKEY_USERS\S-1-5-21-1138898226-1082804455-2059548805-1001\Software\BabylonToolbar -> Nalezeno
[PUP.Gen1] (X86) HKEY_USERS\S-1-5-21-1138898226-1082804455-2059548805-1001\Software\Cr_Installer -> Nalezeno
[PUP.Gen1] (X86) HKEY_USERS\S-1-5-21-1138898226-1082804455-2059548805-1001\Software\DataMngr -> Nalezeno
[PUP.Gen1] (X86) HKEY_USERS\S-1-5-21-1138898226-1082804455-2059548805-1001\Software\GoforFiles -> Nalezeno
[PUP.Gen1] (X86) HKEY_USERS\S-1-5-21-1138898226-1082804455-2059548805-1001\Software\iLivid -> Nalezeno
[PUP.Gen1] (X86) HKEY_USERS\S-1-5-21-1138898226-1082804455-2059548805-1001\Software\InstalledBrowserExtensions -> Nalezeno
[PUP.Gen1] (X86) HKEY_USERS\S-1-5-21-1138898226-1082804455-2059548805-1001\Software\PerformerSoft LLC -> Nalezeno
[PUP.Gen1] (X64) HKEY_USERS\S-1-5-18\Software\IBUpdaterService -> Nalezeno
[PUP.Gen1] (X86) HKEY_USERS\S-1-5-18\Software\IBUpdaterService -> Nalezeno
[PUP.Gen1] (X64) HKEY_USERS\.DEFAULT\Software\AppDataLow\Software\AskToolbar -> Nalezeno
[PUP.Gen1] (X86) HKEY_USERS\.DEFAULT\Software\AppDataLow\Software\AskToolbar -> Nalezeno
[PUP.Gen1] (X64) HKEY_USERS\S-1-5-21-1138898226-1082804455-2059548805-1001\Software\AppDataLow\Software\Crossrider -> Nalezeno
[PUP.Gen1] (X86) HKEY_USERS\S-1-5-21-1138898226-1082804455-2059548805-1001\Software\AppDataLow\Software\Crossrider -> Nalezeno
[PUP.Gen1] (X64) HKEY_USERS\S-1-5-18\Software\AppDataLow\Software\AskToolbar -> Nalezeno
[PUP.Gen1] (X86) HKEY_USERS\S-1-5-18\Software\AppDataLow\Software\AskToolbar -> Nalezeno
[PUP.Gen0] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233} -> Nalezeno
[PUP.Gen0] (X86) HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar | {95B7759C-8C7F-4BF1-B163-73684A933233} :   -> Nalezeno
[PUP.Gen0] (X64) HKEY_USERS\S-1-5-21-1138898226-1082804455-2059548805-1001\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser | {D4027C7F-154A-4066-A1AD-4243D8127440} :   -> Nalezeno
[PUP.Gen0] (X86) HKEY_USERS\S-1-5-21-1138898226-1082804455-2059548805-1001\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser | {D4027C7F-154A-4066-A1AD-4243D8127440} :   -> Nalezeno
[PUP.Gen0] (X64) HKEY_USERS\S-1-5-21-1138898226-1082804455-2059548805-1001\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks | {00000000-6E41-4FD3-8538-502F5495E5FC} :   -> Nalezeno
[PUP.Gen0] (X86) HKEY_USERS\S-1-5-21-1138898226-1082804455-2059548805-1001\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks | {00000000-6E41-4FD3-8538-502F5495E5FC} :   -> Nalezeno
[PUP.Gen1] (X64) HKEY_USERS\S-1-5-21-1138898226-1082804455-2059548805-1001\Software\Microsoft\Internet Explorer\Main | Start Page : http://isearch.avg.com?cid={847DFE50-2536-4A86-B0B7-8804ACD00899}&mid=c87818ba4eed47d0aa4eb914054a2497-13ef8d141c1b253c7c00be438bf3808a78210952&lang=cs&ds=gm011&coid=&cmpid=&pr=sa&d=2013-01-07 15:29:29&v=18.3.0.885&pid=avg&sg=0&sap=hp  -> Nalezeno
[PUP.Gen1] (X86) HKEY_USERS\S-1-5-21-1138898226-1082804455-2059548805-1001\Software\Microsoft\Internet Explorer\Main | Start Page : http://isearch.avg.com?cid={847DFE50-2536-4A86-B0B7-8804ACD00899}&mid=c87818ba4eed47d0aa4eb914054a2497-13ef8d141c1b253c7c00be438bf3808a78210952&lang=cs&ds=gm011&coid=&cmpid=&pr=sa&d=2013-01-07 15:29:29&v=18.3.0.885&pid=avg&sg=0&sap=hp  -> Nalezeno
[PUM.SearchPage] (X64) HKEY_USERS\S-1-5-21-1138898226-1082804455-2059548805-1001\Software\Microsoft\Internet Explorer\Main | Search Page : http://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}  -> Nalezeno
[PUM.SearchPage] (X86) HKEY_USERS\S-1-5-21-1138898226-1082804455-2059548805-1001\Software\Microsoft\Internet Explorer\Main | Search Page : http://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}  -> Nalezeno
[PUM.SearchPage] (X64) HKEY_USERS\S-1-5-21-1138898226-1082804455-2059548805-1001\Software\Microsoft\Internet Explorer\Main | Search Bar : https://www.seznam.cz/?clid=22668  -> Nalezeno
[PUM.SearchPage] (X86) HKEY_USERS\S-1-5-21-1138898226-1082804455-2059548805-1001\Software\Microsoft\Internet Explorer\Main | Search Bar : https://www.seznam.cz/?clid=22668  -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{7bc122d8-3d94-4438-be07-1b8ece819585} | DhcpNameServer : 172.18.12.1 ([])  -> Nalezeno
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {E937D968-E78C-4D54-88BA-BB2A532D3D3D} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\ProgramData\NexonEU\NGM\NGM.exe|Name=Nexon Game Manager| [7] -> Nalezeno
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {8EE6F753-A63C-49B8-9A46-2A9EEF072AB3} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\ProgramData\NexonEU\NGM\NGM.exe|Name=Nexon Game Manager| [7] -> Nalezeno

¤¤¤ Úlohy : 1 ¤¤¤
[Suspicious.Path] %WINDIR%\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job -- C:\Windows\TEMP\{E9F893C9-FE9B-4E28-86FB-D37F9A7CC873}.exe (--uninstall=1) -> Nalezeno

¤¤¤ Soubory : 32 ¤¤¤
[PUP.Gen1][Složka] C:\ProgramData\Ask -> Nalezeno
[PUP.Gen1][Složka] C:\ProgramData\AVG Secure Search -> Nalezeno
[PUP.Gen1][Složka] C:\ProgramData\Babylon -> Nalezeno
[PUP.Gen1][Složka] C:\ProgramData\IBUpdaterService -> Nalezeno
[PUP.Gen1][Složka] C:\ProgramData\SoftSafe -> Nalezeno
[PUP.Gen1][Složka] C:\ProgramData\StarApp -> Nalezeno
[PUP.Gen1][Složka] C:\ProgramData\Tarma Installer -> Nalezeno
[PUP.Gen1][Soubor] C:\Users\Tomá?\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iStripper\iStripper.lnk [LNK@] C:\Users\TOM~1\AppData\Local\vghd\bin\vghd.exe -> Nalezeno
[PUP.Gen1][Soubor] C:\Users\Tomá?\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iStripper\Uninstall iStripper.lnk [LNK@] C:\Users\TOM~1\AppData\Local\vghd\bin\unins001.exe -> Nalezeno
[PUP.Gen1][Soubor] C:\Users\Tomá?\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DesktopVideoPlayer.lnk [LNK@] C:\Users\TOM~1\AppData\Local\vghd\bin\vghd.exe -fromStartup -> Nalezeno
[PUP.Gen1][Soubor] C:\Users\Tomá?\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtuaGirl\Uninstall VirtuaGirl.lnk [LNK@] C:\Users\TOM~1\AppData\Local\vghd\bin\unins000.exe -> Nalezeno
[PUP.Gen1][Soubor] C:\Users\Tomá?\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtuaGirl\VirtuaGirl.lnk [LNK@] C:\Users\TOM~1\AppData\Local\vghd\bin\vghd.exe -> Nalezeno
[PUP.Gen1][Složka] C:\Users\Tomá?\AppData\Roaming\Babylon -> Nalezeno
[PUP.Gen1][Složka] C:\Users\Tomá?\AppData\Roaming\PlusWinks -> Nalezeno
[Tr.Gen0][Soubor] C:\Users\Tomá?\AppData\Roaming\uTorrent\updates\3.5.0_43580\utorrentie.exe -> Nalezeno
[PUP.Gen1][Složka] C:\Users\Tomá?\AppData\Local\APN -> Nalezeno
[PUP.Gen1][Složka] C:\Users\Tomá?\AppData\Local\AVG Secure Search -> Nalezeno
[PUP.SolidSavings][Složka] C:\Users\Tomá?\AppData\Local\Updater21426 -> Nalezeno
[PUP.Gen1][Složka] C:\Users\Tomá?\AppData\Local\vghd -> Nalezeno
[PUP.Gen1][Složka] C:\ProgramData\Ask -> Nalezeno
[PUP.Gen1][Složka] C:\ProgramData\AVG Secure Search -> Nalezeno
[PUP.Gen1][Složka] C:\ProgramData\Babylon -> Nalezeno
[PUP.Gen1][Složka] C:\ProgramData\IBUpdaterService -> Nalezeno
[PUP.Gen1][Složka] C:\ProgramData\SoftSafe -> Nalezeno
[PUP.Gen1][Složka] C:\ProgramData\StarApp -> Nalezeno
[PUP.Gen1][Složka] C:\ProgramData\Tarma Installer -> Nalezeno
[PUP.Gen1][Složka] C:\Program Files (x86)\AVG Security Toolbar -> Nalezeno
[PUP.Gen1][Soubor] C:\Users\Tomá?\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iStripper\iStripper.lnk [LNK@] C:\Users\TOM~1\AppData\Local\vghd\bin\vghd.exe -> Nalezeno
[PUP.Gen1][Soubor] C:\Users\Tomá?\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iStripper\Uninstall iStripper.lnk [LNK@] C:\Users\TOM~1\AppData\Local\vghd\bin\unins001.exe -> Nalezeno
[PUP.Gen1][Soubor] C:\Users\Tomá?\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DesktopVideoPlayer.lnk [LNK@] C:\Users\TOM~1\AppData\Local\vghd\bin\vghd.exe -fromStartup -> Nalezeno
[PUP.Gen1][Soubor] C:\Users\Tomá?\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtuaGirl\Uninstall VirtuaGirl.lnk [LNK@] C:\Users\TOM~1\AppData\Local\vghd\bin\unins000.exe -> Nalezeno
[PUP.Gen1][Soubor] C:\Users\Tomá?\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtuaGirl\VirtuaGirl.lnk [LNK@] C:\Users\TOM~1\AppData\Local\vghd\bin\vghd.exe -> Nalezeno

¤¤¤ WMI : 0 ¤¤¤

¤¤¤ Soubor HOSTS : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Nahrán) ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: Hitachi HTS547575A9E384 +++++
--- User ---
[MBR] 42c4e5588c6c678f0059362648fb8b1d
[BSP] 13b795851a711a93ddf5a342e4216cdd : Empty MBR Code
Partition table:
0 - [MAN-MOUNT] EFI system partition | Offset (sectors): 2048 | Size: 200 MB
1 - [MAN-MOUNT] Microsoft reserved partition | Offset (sectors): 411648 | Size: 128 MB
2 - Basic data partition | Offset (sectors): 673792 | Size: 285323 MB
3 - [SYSTEM][MAN-MOUNT]  | Offset (sectors): 585017344 | Size: 509 MB
4 - Basic data partition | Offset (sectors): 586059776 | Size: 403642 MB
5 - [SYSTEM][MAN-MOUNT] Basic data partition | Offset (sectors): 1412718592 | Size: 25600 MB
User = LL1 ... OK
User = LL2 ... OK


Reply #1 - June 11, 2017, 02:53:46 PM

Curson

Hi Alcatraz,

Welcome to Adlice.com Forum.
You can safely delete all the detections except these ones, which are legit:
Quote
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{7bc122d8-3d94-4438-be07-1b8ece819585} | DhcpNameServer : 172.18.12.1 ([])  -> Nalezeno
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {E937D968-E78C-4D54-88BA-BB2A532D3D3D} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\ProgramData\NexonEU\NGM\NGM.exe|Name=Nexon Game Manager| [7] -> Nalezeno
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {8EE6F753-A63C-49B8-9A46-2A9EEF072AB3} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\ProgramData\NexonEU\NGM\NGM.exe|Name=Nexon Game Manager| [7] -> Nalezeno

Regards.

Note : This thread has been moved to the "RogueKiller" section for clarity.