First of all, thank you for creating RogueKiller! It really is a big help, especially in a University where most PCs are full of all sorts of malware and other viruses.
I would like to know if these are truly legit .dlls and just a RogueKiller error (I have experienced it before, but I am really somewhat obsessive about keeping my machine in top performing condition).
This is my log file:
RogueKiller V8.8.15 _x64_ [Mar 27 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com
Operating System : Windows 8.1 (6.3.9600 ) 64 bits version
Started in : Safe mode
User : LanYamato [Admin rights]
Mode : Scan -- Date : 04/03/2014 22:09:59
| ARK || FAK || MBR |
¤¤¤ Bad processes : 0 ¤¤¤
¤¤¤ Registry Entries : 0 ¤¤¤
¤¤¤ Scheduled tasks : 0 ¤¤¤
¤¤¤ Startup Entries : 0 ¤¤¤
¤¤¤ Web browsers : 0 ¤¤¤
¤¤¤ Browser Addons : 0 ¤¤¤
¤¤¤ Particular Files / Folders: ¤¤¤
¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤
[Address] EAT @explorer.exe (DllCanUnloadNow) : NetworkStatus.dll -> HOOKED (C:\WINDOWS\System32\shacct.dll @ 0x396A1010)
[Address] EAT @explorer.exe (DllGetClassObject) : NetworkStatus.dll -> HOOKED (C:\WINDOWS\System32\shacct.dll @ 0x396A1130)
[Address] EAT @explorer.exe (AccConvertAccessMaskToActrlAccess) : nlaapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x3871FA0C)
[Address] EAT @explorer.exe (AccConvertAccessToSD) : nlaapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x3871FB80)
[Address] EAT @explorer.exe (AccConvertAccessToSecurityDescriptor) : nlaapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x3871FD3C)
[Address] EAT @explorer.exe (AccConvertAclToAccess) : nlaapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x3871FE90)
[Address] EAT @explorer.exe (AccConvertSDToAccess) : nlaapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x3871FF2C)
[Address] EAT @explorer.exe (AccFreeIndexArray) : nlaapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x38710D80)
[Address] EAT @explorer.exe (AccGetAccessForTrustee) : nlaapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x387201A8)
[Address] EAT @explorer.exe (AccGetExplicitEntries) : nlaapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x38720288)
[Address] EAT @explorer.exe (AccGetInheritanceSource) : nlaapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x38710EA0)
[Address] EAT @explorer.exe (AccLookupAccountName) : nlaapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x38720348)
[Address] EAT @explorer.exe (AccLookupAccountSid) : nlaapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x38720648)
[Address] EAT @explorer.exe (AccLookupAccountTrustee) : nlaapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x387209CC)
[Address] EAT @explorer.exe (AccProvCancelOperation) : nlaapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x3871CAFC)
[Address] EAT @explorer.exe (AccProvGetAccessInfoPerObjectType) : nlaapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x3871CB74)
[Address] EAT @explorer.exe (AccProvGetAllRights) : nlaapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x3871CC1C)
[Address] EAT @explorer.exe (AccProvGetCapabilities) : nlaapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x38708100)
[Address] EAT @explorer.exe (AccProvGetOperationResults) : nlaapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x3871CDF8)
[Address] EAT @explorer.exe (AccProvGetTrusteesAccess) : nlaapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x3871CF38)
[Address] EAT @explorer.exe (AccProvGrantAccessRights) : nlaapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x3871D040)
[Address] EAT @explorer.exe (AccProvHandleGetAccessInfoPerObjectType) : nlaapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x3871D1B0)
[Address] EAT @explorer.exe (AccProvHandleGetAllRights) : nlaapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x3871D298)
[Address] EAT @explorer.exe (AccProvHandleGetTrusteesAccess) : nlaapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x3871D410)
[Address] EAT @explorer.exe (AccProvHandleGrantAccessRights) : nlaapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x3871C4D0)
[Address] EAT @explorer.exe (AccProvHandleIsAccessAudited) : nlaapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x3871D48C)
[Address] EAT @explorer.exe (AccProvHandleIsObjectAccessible) : nlaapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x3871D524)
[Address] EAT @explorer.exe (AccProvHandleRevokeAccessRights) : nlaapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x3871D660)
[Address] EAT @explorer.exe (AccProvHandleRevokeAuditRights) : nlaapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x3871D738)
[Address] EAT @explorer.exe (AccProvHandleSetAccessRights) : nlaapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x3871D810)
[Address] EAT @explorer.exe (AccProvIsAccessAudited) : nlaapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x3871D910)
[Address] EAT @explorer.exe (AccProvIsObjectAccessible) : nlaapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x3871DA24)
[Address] EAT @explorer.exe (AccProvRevokeAccessRights) : nlaapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x3871DE74)
[Address] EAT @explorer.exe (AccProvRevokeAuditRights) : nlaapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x3871DFB0)
[Address] EAT @explorer.exe (AccProvSetAccessRights) : nlaapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x3871E0EC)
[Address] EAT @explorer.exe (AccRewriteGetExplicitEntriesFromAcl) : nlaapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x38707BD4)
[Address] EAT @explorer.exe (AccRewriteGetHandleRights) : nlaapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x38711510)
[Address] EAT @explorer.exe (AccRewriteGetNamedRights) : nlaapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x38711680)
[Address] EAT @explorer.exe (AccRewriteSetEntriesInAcl) : nlaapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x38703070)
[Address] EAT @explorer.exe (AccRewriteSetHandleRights) : nlaapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x38702270)
[Address] EAT @explorer.exe (AccRewriteSetNamedRights) : nlaapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x38703BA0)
[Address] EAT @explorer.exe (AccSetEntriesInAList) : nlaapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x38720AD4)
[Address] EAT @explorer.exe (AccTreeResetNamedSecurityInfo) : nlaapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x387058A0)
[Address] EAT @explorer.exe (EventGuidToName) : nlaapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x3870DE68)
[Address] EAT @explorer.exe (EventNameFree) : nlaapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x3870DEF4)
[Address] EAT @explorer.exe (GetExplicitEntriesFromAclW) : nlaapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x38707BCC)
[Address] EAT @explorer.exe (GetMartaExtensionInterface) : nlaapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x38703600)
[Address] EAT @explorer.exe (GetNamedSecurityInfoW) : nlaapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x38702680)
[Address] EAT @explorer.exe (GetSecurityInfo) : nlaapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x38701390)
[Address] EAT @explorer.exe (SetEntriesInAclW) : nlaapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x38703060)
[Address] EAT @explorer.exe (SetNamedSecurityInfoW) : nlaapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x38703E64)
[Address] EAT @explorer.exe (SetSecurityInfo) : nlaapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x387021B0)
[Address] EAT @explorer.exe (DllCanUnloadNow) : tbs.dll -> HOOKED (C:\WINDOWS\system32\twinui.dll @ 0x37471598)
[Address] EAT @explorer.exe (DllGetActivationFactory) : tbs.dll -> HOOKED (C:\WINDOWS\system32\twinui.dll @ 0x374FC13C)
[Address] EAT @explorer.exe (DllGetClassObject) : tbs.dll -> HOOKED (C:\WINDOWS\system32\twinui.dll @ 0x3749C540)
¤¤¤ External Hives: ¤¤¤
¤¤¤ Infection : ¤¤¤
¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts
¤¤¤ MBR Check: ¤¤¤
+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) Hitachi HTS545050A7E380 +++++
--- User ---
[MBR] 349e38587d586de91a46bf864a56e4dd
[BSP] a4a8aa4dd53b613db3654ee9f099e922 : Empty MBR Code
Partition table:
0 - [XXXXXX] UNKNOWN (0x00) [VISIBLE] Offset (sectors): 1 | Size: 2097152 MB
User = LL1 ... OK!
User = LL2 ... OK!
Finished : << RKreport[0]_S_04032014_220959.txt >>
Please help, thanks! ^_^