Author Topic: RogueKiller 11 beta  (Read 40308 times)

0 Members and 1 Guest are viewing this topic.

Reply #30October 26, 2015, 02:23:35 pm

Curson

  • Global Moderator
  • Hero Member

  • Offline
  • *****

  • 2310
  • Reputation:
    82
    • View Profile
Re: RogueKiller 11 beta
« Reply #30 on: October 26, 2015, 02:23:35 pm »
Hi Steve,

Welcome to Adlice.com Forum.

RogueKiller driver, TrueSight.sys, is digitally signed.
When using Driver Signature Enforcement Overrider, you corrupt the signature and thus, make it impossible to load.

Regards.

Reply #31October 26, 2015, 06:05:36 pm

greysmouth

  • Jr. Member

  • Offline
  • **

  • 61
  • Reputation:
    0
    • View Profile
    • Facebook
Re: RogueKiller 11 beta
« Reply #31 on: October 26, 2015, 06:05:36 pm »
Hello. Here attached is the last RK beta 8 report.Enjoy!Regards, greysmouth BO It

Reply #32October 27, 2015, 10:32:19 pm

firefoxthebomb

  • Newbie

  • Offline
  • *

  • 13
  • Reputation:
    0
    • View Profile
Re: RogueKiller 11 beta
« Reply #32 on: October 27, 2015, 10:32:19 pm »
Sorry Tigzy I got busy and just now was able to test it. 

I downloaded and ran version 11 beta 8 with no issues this time around.
Dell Precision T5600, Win7 Ultimate 64bit fully updated, Symantec Endpoint Protection,
Watchguard Firewall, Intel Xeon E5-2620 CPU, Dual Six Core Process

Reply #33November 29, 2015, 11:08:11 pm

Curson

  • Global Moderator
  • Hero Member

  • Offline
  • *****

  • 2310
  • Reputation:
    82
    • View Profile
Re: RogueKiller 11 beta
« Reply #33 on: November 29, 2015, 11:08:11 pm »
Hi firefoxthebomb,

Thanks for your review. :)
RogueKiller version 11 will hopefully be released tomorrow as stable.

Regards.

Reply #34December 02, 2015, 03:43:00 pm

greysmouth

  • Jr. Member

  • Offline
  • **

  • 61
  • Reputation:
    0
    • View Profile
    • Facebook
Re: RogueKiller 11 beta
« Reply #34 on: December 02, 2015, 03:43:00 pm »
Hello. Here attached is the last RK beta 8 report.Enjoy!Regards, greysmouth BO It
Hello guys! Please, have a look at my attached report. It seems RK has found something weird. Thanks and regards, greysmouth BO IT.

Reply #35December 03, 2015, 03:21:16 pm

Curson

  • Global Moderator
  • Hero Member

  • Offline
  • *****

  • 2310
  • Reputation:
    82
    • View Profile
Re: RogueKiller 11 beta
« Reply #35 on: December 03, 2015, 03:21:16 pm »
Hi greysmouth,

RogueKiller 11 is now released as stable.
Could you please download  latest version, redo a scan and post the report in your next reply ?

Regards.

Reply #36December 03, 2015, 03:44:12 pm

greysmouth

  • Jr. Member

  • Offline
  • **

  • 61
  • Reputation:
    0
    • View Profile
    • Facebook
Re: RogueKiller 11 beta
« Reply #36 on: December 03, 2015, 03:44:12 pm »
Yes, Sir!
Will you excuse me, where's the RK Premium stable version's download? Thanks and regards,greysmouth BO IT.
« Last Edit: December 03, 2015, 03:49:41 pm by greysmouth »

Reply #37December 04, 2015, 01:52:31 pm

Curson

  • Global Moderator
  • Hero Member

  • Offline
  • *****

  • 2310
  • Reputation:
    82
    • View Profile
Re: RogueKiller 11 beta
« Reply #37 on: December 04, 2015, 01:52:31 pm »
Hi greysmouth,

You just have to download and install the full version and register it with your licence key. :)

Regards.

Reply #38December 04, 2015, 04:32:28 pm

ronster1269

  • Newbie

  • Offline
  • *

  • 1
  • Reputation:
    0
    • View Profile
Re: RogueKiller 11 beta
« Reply #38 on: December 04, 2015, 04:32:28 pm »
Anyone get this and is it positive or false positive?
RogueKiller V11.0.0.0 beta 9 (x64) [Nov 18 2015] (Free) by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Website : http://www.adlice.com/software/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Michael [Administrator]
Started from : C:\Users\Michael\Desktop\RogueKillerX64_beta.exe
Mode : Scan -- Date : 12/03/2015 16:00:01

Processes : 0

Registry : 0

Tasks : 0

Files : 0

Hosts File : 0

Antirootkit : 30 (Driver: Loaded)
[IAT:Inl(Hook.IEAT)] (explorer.exe) ntdll!NtSetSystemInformation : Unknown @ 0x76ef01e0 (jmp 0x161140|jmp 0xfffffffffffffe19|jmp 0x19b)
[IAT:Inl(Hook.IEAT)] (explorer.exe @ kernel32.dll) ntdll!NtWriteVirtualMemory : Unknown @ 0x76ef03a0 (jmp 0x162650|jmp 0xfffffffffffffc59|jmp 0x19b)
[IAT:Inl(Hook.IEAT)] (explorer.exe @ kernel32.dll) ntdll!NtDuplicateObject : Unknown @ 0x76ef0380 (jmp 0x162610|jmp 0xfffffffffffffc79|jmp 0x19b)
[IAT:Inl(Hook.IEAT)] (explorer.exe @ kernel32.dll) ntdll!NtCreateEvent : Unknown @ 0x76ef02c0 (jmp 0x162490|jmp 0xfffffffffffffd39|jmp 0x19b)
[IAT:Inl(Hook.IEAT)] (explorer.exe @ kernel32.dll) ntdll!NtNotifyChangeKey : Unknown @ 0x76ef0480 (jmp 0x161bf0|jmp 0xfffffffffffffb79|jmp 0x19b)
[IAT:Inl(Hook.IEAT)] (explorer.exe @ kernel32.dll) ntdll!NtTerminateProcess : Unknown @ 0x76ef03d0 (jmp 0x162760|jmp 0xfffffffffffffc29|jmp 0x19b)
[IAT:Inl(Hook.IEAT)] (explorer.exe @ kernel32.dll) ntdll!NtOpenEvent : Unknown @ 0x76ef02d0 (jmp 0x162520|jmp 0xfffffffffffffd29|jmp 0x19b)
[IAT:Inl(Hook.IEAT)] (explorer.exe @ kernel32.dll) ntdll!NtAssignProcessToJobObject : Unknown @ 0x76ef0390 (jmp 0x162160|jmp 0xfffffffffffffc69|jmp 0x19b)
[IAT:Inl(Hook.IEAT)] (explorer.exe @ kernel32.dll) ntdll!NtSetContextThread : Unknown @ 0x76ef03f0 (jmp 0x161510|jmp 0xfffffffffffffc09|jmp 0x19b)
[IAT:Inl(Hook.IEAT)] (explorer.exe @ kernel32.dll) ntdll!NtCreateSection : Unknown @ 0x76ef0300 (jmp 0x1624b0|jmp 0xfffffffffffffcf9|jmp 0x19b)
[IAT:Inl(Hook.IEAT)] (explorer.exe @ kernel32.dll) ntdll!NtOpenProcess : Unknown @ 0x76ef0360 (jmp 0x162750|jmp 0xfffffffffffffc99|jmp 0x19b)
[IAT:Inl(Hook.IEAT)] (explorer.exe @ kernel32.dll) ntdll!NtNotifyChangeMultipleKeys : Unknown @ 0x76ef0490 (jmp 0x161bf0|jmp 0xfffffffffffffb69|jmp 0x19b)
[IAT:Inl(Hook.IEAT)] (explorer.exe @ kernel32.dll) ntdll!NtQueryObject : Unknown @ 0x76ef0440 (jmp 0x162990|jmp 0xfffffffffffffbb9|jmp 0x19b)
[IAT:Inl(Hook.IEAT)] (explorer.exe @ KERNELBASE.dll) ntdll!NtCreateIoCompletion : Unknown @ 0x76ef0340 (jmp 0x162020|jmp 0xfffffffffffffcb9|jmp 0x19b)
[IAT:Inl(Hook.IEAT)] (explorer.exe @ KERNELBASE.dll) ntdll!NtOpenSection : Unknown @ 0x76ef0310 (jmp 0x1625f0|jmp 0xfffffffffffffce9|jmp 0x19b)
[IAT:Inl(Hook.IEAT)] (explorer.exe @ KERNELBASE.dll) ntdll!NtCreateSemaphore : Unknown @ 0x76ef02a0 (jmp 0x161e90|jmp 0xfffffffffffffd59|jmp 0x19b)
[IAT:Inl(Hook.IEAT)] (explorer.exe @ KERNELBASE.dll) ntdll!NtOpenSemaphore : Unknown @ 0x76ef02b0 (jmp 0x161920|jmp 0xfffffffffffffd49|jmp 0x19b)
[IAT:Inl(Hook.IEAT)] (explorer.exe @ KERNELBASE.dll) ntdll!NtCreateMutant : Unknown @ 0x76ef0280 (jmp 0x161f00|jmp 0xfffffffffffffd79|jmp 0x19b)
[IAT:Inl(Hook.IEAT)] (explorer.exe @ KERNELBASE.dll) ntdll!NtOpenMutant : Unknown @ 0x76ef0290 (jmp 0x161950|jmp 0xfffffffffffffd69|jmp 0x19b)
[IAT:Inl(Hook.IEAT)] (explorer.exe @ KERNELBASE.dll) ntdll!NtCreateTimer : Unknown @ 0x76ef0320 (jmp 0x161ee0|jmp 0xfffffffffffffcd9|jmp 0x19b)
[IAT:Inl(Hook.IEAT)] (explorer.exe @ KERNELBASE.dll) ntdll!NtOpenTimer : Unknown @ 0x76ef0330 (jmp 0x161960|jmp 0xfffffffffffffcc9|jmp 0x19b)
[IAT:Inl(Hook.IEAT)] (explorer.exe @ KERNELBASE.dll) ntdll!NtCreateThreadEx : Unknown @ 0x76ef03c0 (jmp 0x161f90|jmp 0xfffffffffffffc39|jmp 0x19b)
[IAT:Inl(Hook.IEAT)] (explorer.exe @ KERNELBASE.dll) ntdll!NtTerminateThread : Unknown @ 0x76ef03e0 (jmp 0x162500|jmp 0xfffffffffffffc19|jmp 0x19b)
[IAT:Inl(Hook.IEAT)] (explorer.exe @ KERNELBASE.dll) ntdll!NtOpenThread : Unknown @ 0x76ef0370 (jmp 0x1619b0|jmp 0xfffffffffffffc89|jmp 0x19b)
[IAT:Inl(Hook.IEAT)] (explorer.exe @ KERNELBASE.dll) ntdll!NtSuspendThread : Unknown @ 0x76ef0420 (jmp 0x161290|jmp 0xfffffffffffffbd9|jmp 0x19b)
[IAT:Inl(Hook.IEAT)] (explorer.exe @ rpcrt4.dll) ntdll!NtAlpcSendWaitReceivePort : Unknown @ 0x76ef0470 (jmp 0x162270|jmp 0xfffffffffffffb89|jmp 0x19b)
[IAT:Inl(Hook.IEAT)] (explorer.exe @ rpcrt4.dll) ntdll!NtQueueApcThreadEx : Unknown @ 0x76ef0430 (jmp 0x161770|jmp 0xfffffffffffffbc9|jmp 0x19b)
[IAT:Inl(Hook.IEAT)] (explorer.exe @ gdi32.dll) ntdll!NtVdmControl : Unknown @ 0x76ef0270 (jmp 0x160ff0|jmp 0xfffffffffffffd89|jmp 0x19b)
[IAT:Inl(Hook.IEAT)] (explorer.exe @ ntmarta.dll) ntdll!NtOpenEventPair : Unknown @ 0x76ef02f0 (jmp 0x161a20|jmp 0xfffffffffffffd09|jmp 0x19b)
[IAT:Inl(Hook.IEAT)] (explorer.exe @ ws2_32.dll) ntdll!NtLoadDriver : Unknown @ 0x76ef01d0 (jmp 0x161a30|jmp 0xfffffffffffffe29|jmp 0x19b)

Web browsers : 0

MBR Check :
+++++ PhysicalDrive0:  +++++
--- User ---
[MBR] 78f4806284ed6e73f3a83b663c08c754
[BSP] 3b232571214c544ddb843532265a46f2 : HP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 465631 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
2 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 953819136 | Size: 11207 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
Error reading LL2 MBR! ([1] Incorrect function. )

+++++ PhysicalDrive1:  +++++
Error reading User MBR! ([15] The device is not ready. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] The request is not supported. )


Reply #39December 04, 2015, 05:00:22 pm

greysmouth

  • Jr. Member

  • Offline
  • **

  • 61
  • Reputation:
    0
    • View Profile
    • Facebook
Re: RogueKiller 11 beta
« Reply #39 on: December 04, 2015, 05:00:22 pm »
Hi greysmouth,

RogueKiller 11 is now released as stable.
Could you please download  latest version, redo a scan and post the report in your next reply ?

Regards.
Hi Curson. Here we go..RK 11 Final version and report. Best regards, greysmouth BO IT.

Reply #40December 07, 2015, 02:29:26 pm

Curson

  • Global Moderator
  • Hero Member

  • Offline
  • *****

  • 2310
  • Reputation:
    82
    • View Profile
Re: RogueKiller 11 beta
« Reply #40 on: December 07, 2015, 02:29:26 pm »
Hi ronster1269,

These entries are false positives.
This should be fixed in RogueKiller current version.

Regards.

Reply #41December 07, 2015, 02:30:46 pm

Curson

  • Global Moderator
  • Hero Member

  • Offline
  • *****

  • 2310
  • Reputation:
    82
    • View Profile
Re: RogueKiller 11 beta
« Reply #41 on: December 07, 2015, 02:30:46 pm »
Hi greysmouth,

Your report is perfectly clean.
Thanks for taking your time to help us through the beta. :)

Regards.

Reply #42December 07, 2015, 03:15:34 pm

greysmouth

  • Jr. Member

  • Offline
  • **

  • 61
  • Reputation:
    0
    • View Profile
    • Facebook
Re: RogueKiller 11 beta
« Reply #42 on: December 07, 2015, 03:15:34 pm »
Hello. Glad to hear you. So, now running the RK stable version. It works good. Best regards, greysmouth BO IT.

Reply #43December 07, 2015, 03:24:06 pm

Curson

  • Global Moderator
  • Hero Member

  • Offline
  • *****

  • 2310
  • Reputation:
    82
    • View Profile
Re: RogueKiller 11 beta
« Reply #43 on: December 07, 2015, 03:24:06 pm »
Hi greysmouth,

Glad to hear this.

Regards.