Author Topic: How to interrupt RK scan  (Read 3933 times)


April 18, 2014, 06:39:40 pm

shawnaray

  • Guest
I scanned my computer a few times, and the last time I scanned it I turned off my anti-virus software. Each time I scanned it the same results came up. I was wondering if someone could look at the results and let me know what they think? I have been having problems with the way my computer has been operating and I kind of believe it may be a virus.
RogueKiller V8.8.15 _x64_ [Mar 27 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : admin [Admin rights]
Mode : Scan -- Date : 04/18/2014 12:31:46
| ARK || FAK || MBR |

Bad processes : 0

Registry Entries : 0

Scheduled tasks : 0

Startup Entries : 0

Web browsers : 0

Browser Addons : 0

Particular Files / Folders:

Driver : [NOT LOADED 0x0]
[Address] EAT @explorer.exe (DsAddressToSiteNamesA) : DNSAPI.dll -> HOOKED (C:\Windows\system32\LOGONCLI.DLL @ 0xFB93CF80)
[Address] EAT @explorer.exe (DsAddressToSiteNamesExA) : DNSAPI.dll -> HOOKED (C:\Windows\system32\LOGONCLI.DLL @ 0xFB93D3C8)
[Address] EAT @explorer.exe (DsAddressToSiteNamesExW) : DNSAPI.dll -> HOOKED (C:\Windows\system32\LOGONCLI.DLL @ 0xFB93D828)
[Address] EAT @explorer.exe (DsAddressToSiteNamesW) : DNSAPI.dll -> HOOKED (C:\Windows\system32\LOGONCLI.DLL @ 0xFB93D234)
[Address] EAT @explorer.exe (DsDeregisterDnsHostRecordsA) : DNSAPI.dll -> HOOKED (C:\Windows\system32\LOGONCLI.DLL @ 0xFB93F214)
[Address] EAT @explorer.exe (DsDeregisterDnsHostRecordsW) : DNSAPI.dll -> HOOKED (C:\Windows\system32\LOGONCLI.DLL @ 0xFB93F1BC)
[Address] EAT @explorer.exe (DsEnumerateDomainTrustsA) : DNSAPI.dll -> HOOKED (C:\Windows\system32\LOGONCLI.DLL @ 0xFB93EB80)
[Address] EAT @explorer.exe (DsEnumerateDomainTrustsW) : DNSAPI.dll -> HOOKED (C:\Windows\system32\LOGONCLI.DLL @ 0xFB937A6C)
[Address] EAT @explorer.exe (DsGetDcCloseW) : DNSAPI.dll -> HOOKED (C:\Windows\system32\LOGONCLI.DLL @ 0xFB93C844)
[Address] EAT @explorer.exe (DsGetDcNameA) : DNSAPI.dll -> HOOKED (C:\Windows\system32\LOGONCLI.DLL @ 0xFB93C850)
[Address] EAT @explorer.exe (DsGetDcNameW) : DNSAPI.dll -> HOOKED (C:\Windows\system32\LOGONCLI.DLL @ 0xFB9314C0)
[Address] EAT @explorer.exe (DsGetDcNameWithAccountA) : DNSAPI.dll -> HOOKED (C:\Windows\system32\LOGONCLI.DLL @ 0xFB93C888)
[Address] EAT @explorer.exe (DsGetDcNameWithAccountW) : DNSAPI.dll -> HOOKED (C:\Windows\system32\LOGONCLI.DLL @ 0xFB93129C)
[Address] EAT @explorer.exe (DsGetDcNextA) : DNSAPI.dll -> HOOKED (C:\Windows\system32\LOGONCLI.DLL @ 0xFB93C75C)
[Address] EAT @explorer.exe (DsGetDcNextW) : DNSAPI.dll -> HOOKED (C:\Windows\system32\LOGONCLI.DLL @ 0xFB93C690)
[Address] EAT @explorer.exe (DsGetDcOpenA) : DNSAPI.dll -> HOOKED (C:\Windows\system32\LOGONCLI.DLL @ 0xFB93C58C)
[Address] EAT @explorer.exe (DsGetDcOpenW) : DNSAPI.dll -> HOOKED (C:\Windows\system32\LOGONCLI.DLL @ 0xFB93C47C)
[Address] EAT @explorer.exe (DsGetDcSiteCoverageA) : DNSAPI.dll -> HOOKED (C:\Windows\system32\LOGONCLI.DLL @ 0xFB93DA9C)
[Address] EAT @explorer.exe (DsGetDcSiteCoverageW) : DNSAPI.dll -> HOOKED (C:\Windows\system32\LOGONCLI.DLL @ 0xFB93DD5C)
[Address] EAT @explorer.exe (DsGetForestTrustInformationW) : DNSAPI.dll -> HOOKED (C:\Windows\system32\LOGONCLI.DLL @ 0xFB93F2EC)
[Address] EAT @explorer.exe (DsGetSiteNameA) : DNSAPI.dll -> HOOKED (C:\Windows\system32\LOGONCLI.DLL @ 0xFB93CEE0)
[Address] EAT @explorer.exe (DsGetSiteNameW) : DNSAPI.dll -> HOOKED (C:\Windows\system32\LOGONCLI.DLL @ 0xFB937578)
[Address] EAT @explorer.exe (DsMergeForestTrustInformationW) : DNSAPI.dll -> HOOKED (C:\Windows\system32\LOGONCLI.DLL @ 0xFB93F3B0)
[Address] EAT @explorer.exe (DsValidateSubnetNameA) : DNSAPI.dll -> HOOKED (C:\Windows\system32\LOGONCLI.DLL @ 0xFB93CD8C)
[Address] EAT @explorer.exe (DsValidateSubnetNameW) : DNSAPI.dll -> HOOKED (C:\Windows\system32\LOGONCLI.DLL @ 0xFB93CDD8)
[Address] EAT @explorer.exe (I_DsUpdateReadOnlyServerDnsRecords) : DNSAPI.dll -> HOOKED (C:\Windows\system32\LOGONCLI.DLL @ 0xFB93DF08)
[Address] EAT @explorer.exe (I_NetAccountDeltas) : DNSAPI.dll -> HOOKED (C:\Windows\system32\LOGONCLI.DLL @ 0xFB93E6D0)
[Address] EAT @explorer.exe (I_NetAccountSync) : DNSAPI.dll -> HOOKED (C:\Windows\system32\LOGONCLI.DLL @ 0xFB93E6D0)
[Address] EAT @explorer.exe (I_NetChainSetClientAttributes) : DNSAPI.dll -> HOOKED (C:\Windows\system32\LOGONCLI.DLL @ 0xFB93F408)
[Address] EAT @explorer.exe (I_NetChainSetClientAttributes2) : DNSAPI.dll -> HOOKED (C:\Windows\system32\LOGONCLI.DLL @ 0xFB93F48C)
[Address] EAT @explorer.exe (I_NetDatabaseDeltas) : DNSAPI.dll -> HOOKED (C:\Windows\system32\LOGONCLI.DLL @ 0xFB93E6D0)
[Address] EAT @explorer.exe (I_NetDatabaseRedo) : DNSAPI.dll -> HOOKED (C:\Windows\system32\LOGONCLI.DLL @ 0xFB93E6D0)
[Address] EAT @explorer.exe (I_NetDatabaseSync) : DNSAPI.dll -> HOOKED (C:\Windows\system32\LOGONCLI.DLL @ 0xFB93E6D0)
[Address] EAT @explorer.exe (I_NetDatabaseSync2) : DNSAPI.dll -> HOOKED (C:\Windows\system32\LOGONCLI.DLL @ 0xFB93E6D0)
[Address] EAT @explorer.exe (I_NetGetDCList) : DNSAPI.dll -> HOOKED (C:\Windows\system32\LOGONCLI.DLL @ 0xFB93E18C)
[Address] EAT @explorer.exe (I_NetGetForestTrustInformation) : DNSAPI.dll -> HOOKED (C:\Windows\system32\LOGONCLI.DLL @ 0xFB93F350)
[Address] EAT @explorer.exe (I_NetLogonControl) : DNSAPI.dll -> HOOKED (C:\Windows\system32\LOGONCLI.DLL @ 0xFB93E6DC)
[Address] EAT @explorer.exe (I_NetLogonControl2) : DNSAPI.dll -> HOOKED (C:\Windows\system32\LOGONCLI.DLL @ 0xFB93E730)
[Address] EAT @explorer.exe (I_NetLogonGetCapabilities) : DNSAPI.dll -> HOOKED (C:\Windows\system32\LOGONCLI.DLL @ 0xFB9322D0)
[Address] EAT @explorer.exe (I_NetLogonGetDomainInfo) : DNSAPI.dll -> HOOKED (C:\Windows\system32\LOGONCLI.DLL @ 0xFB9321DC)
[Address] EAT @explorer.exe (I_NetLogonSamLogoff) : DNSAPI.dll -> HOOKED (C:\Windows\system32\LOGONCLI.DLL @ 0xFB93E460)
[Address] EAT @explorer.exe (I_NetLogonSamLogon) : DNSAPI.dll -> HOOKED (C:\Windows\system32\LOGONCLI.DLL @ 0xFB93E2E8)
[Address] EAT @explorer.exe (I_NetLogonSamLogonEx) : DNSAPI.dll -> HOOKED (C:\Windows\system32\LOGONCLI.DLL @ 0xFB93E394)
[Address] EAT @explorer.exe (I_NetLogonSamLogonWithFlags) : DNSAPI.dll -> HOOKED (C:\Windows\system32\LOGONCLI.DLL @ 0xFB937D2C)
[Address] EAT @explorer.exe (I_NetLogonSendToSam) : DNSAPI.dll -> HOOKED (C:\Windows\system32\LOGONCLI.DLL @ 0xFB93E4C8)
[Address] EAT @explorer.exe (I_NetLogonUasLogoff) : DNSAPI.dll -> HOOKED (C:\Windows\system32\LOGONCLI.DLL @ 0xFB93E2A8)
[Address] EAT @explorer.exe (I_NetLogonUasLogon) : DNSAPI.dll -> HOOKED (C:\Windows\system32\LOGONCLI.DLL @ 0xFB93E268)
[Address] EAT @explorer.exe (I_NetServerAuthenticate) : DNSAPI.dll -> HOOKED (C:\Windows\system32\LOGONCLI.DLL @ 0xFB93E528)
[Address] EAT @explorer.exe (I_NetServerAuthenticate2) : DNSAPI.dll -> HOOKED (C:\Windows\system32\LOGONCLI.DLL @ 0xFB93E588)
[Address] EAT @explorer.exe (I_NetServerAuthenticate3) : DNSAPI.dll -> HOOKED (C:\Windows\system32\LOGONCLI.DLL @ 0xFB932260)
[Address] EAT @explorer.exe (I_NetServerGetTrustInfo) : DNSAPI.dll -> HOOKED (C:\Windows\system32\LOGONCLI.DLL @ 0xFB93F0F4)
[Address] EAT @explorer.exe (I_NetServerPasswordGet) : DNSAPI.dll -> HOOKED (C:\Windows\system32\LOGONCLI.DLL @ 0xFB93F010)
[Address] EAT @explorer.exe (I_NetServerPasswordSet) : DNSAPI.dll -> HOOKED (C:\Windows\system32\LOGONCLI.DLL @ 0xFB93E5F4)
[Address] EAT @explorer.exe (I_NetServerPasswordSet2) : DNSAPI.dll -> HOOKED (C:\Windows\system32\LOGONCLI.DLL @ 0xFB93E660)
[Address] EAT @explorer.exe (I_NetServerReqChallenge) : DNSAPI.dll -> HOOKED (C:\Windows\system32\LOGONCLI.DLL @ 0xFB931FB4)
[Address] EAT @explorer.exe (I_NetServerTrustPasswordsGet) : DNSAPI.dll -> HOOKED (C:\Windows\system32\LOGONCLI.DLL @ 0xFB93F07C)
[Address] EAT @explorer.exe (I_NetlogonComputeClientDigest) : DNSAPI.dll -> HOOKED (C:\Windows\system32\LOGONCLI.DLL @ 0xFB937630)
[Address] EAT @explorer.exe (I_NetlogonComputeServerDigest) : DNSAPI.dll -> HOOKED (C:\Windows\system32\LOGONCLI.DLL @ 0xFB93EFB0)
[Address] EAT @explorer.exe (I_NetlogonGetTrustRid) : DNSAPI.dll -> HOOKED (C:\Windows\system32\LOGONCLI.DLL @ 0xFB9375C4)
[Address] EAT @explorer.exe (I_RpcExtInitializeExtensionPoint) : DNSAPI.dll -> HOOKED (C:\Windows\system32\LOGONCLI.DLL @ 0xFB93FA78)
[Address] EAT @explorer.exe (NetAddServiceAccount) : DNSAPI.dll -> HOOKED (C:\Windows\system32\LOGONCLI.DLL @ 0xFB93F510)
[Address] EAT @explorer.exe (NetEnumerateServiceAccounts) : DNSAPI.dll -> HOOKED (C:\Windows\system32\LOGONCLI.DLL @ 0xFB93F59C)
[Address] EAT @explorer.exe (NetEnumerateTrustedDomains) : DNSAPI.dll -> HOOKED (C:\Windows\system32\LOGONCLI.DLL @ 0xFB93E864)
[Address] EAT @explorer.exe (NetGetAnyDCName) : DNSAPI.dll -> HOOKED (C:\Windows\system32\LOGONCLI.DLL @ 0xFB93CD4C)
[Address] EAT @explorer.exe (NetGetDCName) : DNSAPI.dll -> HOOKED (C:\Windows\system32\LOGONCLI.DLL @ 0xFB937B14)
[Address] EAT @explorer.exe (NetIsServiceAccount) : DNSAPI.dll -> HOOKED (C:\Windows\system32\LOGONCLI.DLL @ 0xFB93F63C)
[Address] EAT @explorer.exe (NetLogonGetTimeServiceParentDomain) : DNSAPI.dll -> HOOKED (C:\Windows\system32\LOGONCLI.DLL @ 0xFB93F17C)
[Address] EAT @explorer.exe (NetLogonSetServiceBits) : DNSAPI.dll -> HOOKED (C:\Windows\system32\LOGONCLI.DLL @ 0xFB9375FC)
[Address] EAT @explorer.exe (NetQueryServiceAccount) : DNSAPI.dll -> HOOKED (C:\Windows\system32\LOGONCLI.DLL @ 0xFB93F69C)
[Address] EAT @explorer.exe (NetRemoveServiceAccount) : DNSAPI.dll -> HOOKED (C:\Windows\system32\LOGONCLI.DLL @ 0xFB93F558)
[Address] EAT @explorer.exe (NlBindingAddServerToCache) : DNSAPI.dll -> HOOKED (C:\Windows\system32\LOGONCLI.DLL @ 0xFB931FF0)
[Address] EAT @explorer.exe (NlBindingRemoveServerFromCache) : DNSAPI.dll -> HOOKED (C:\Windows\system32\LOGONCLI.DLL @ 0xFB937A00)
[Address] EAT @explorer.exe (NlBindingSetAuthInfo) : DNSAPI.dll -> HOOKED (C:\Windows\system32\LOGONCLI.DLL @ 0xFB931F20)

External Hives:

Infection : 

HOSTS File:
--> %SystemRoot%\System32\drivers\etc\hosts




MBR Check:

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) Hitachi HTS725032A9A364 +++++
--- User ---
[MBR] f161517b7e592ef3b2bf9c3a44598507
[BSP] e8f54dba0a0567898fa8d649484e9b5a : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 13312 MB
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 27265024 | Size: 84 MB
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 27469824 | Size: 291831 MB
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[0]_S_04182014_123146.txt >>
RKreport[0]_D_04062014_131418.txt;RKreport[0]_D_11082013_171321.txt;RKreport[0]_S_03012014_083643.txt
RKreport[0]_S_03012014_083828.txt;RKreport[0]_S_04042014_114440.txt;RKreport[0]_S_04062014_123918.txt
RKreport[0]_S_04062014_131105.txt;RKreport[0]_S_04062014_131306.txt;RKreport[0]_S_04182014_122242.txt
RKreport[0]_S_04182014_122650.txt;RKreport[0]_S_10012013_065250.txt;RKreport[0]_S_10122013_051007.txt
RKreport[0]_S_10122013_055149.txt;RKreport[0]_S_10302013_083045.txt;RKreport[0]_S_11082013_163846.txt
RKreport[0]_S_11102013_070558.txt;RKreport[0]_S_12302013_081049.txt