Author Topic: What does this mean?  (Read 5233 times)

0 Members and 2 Guests are viewing this topic.

May 04, 2014, 05:56:28 AM

heyjude

  • Guest
What does this mean?
« on: May 04, 2014, 05:56:28 AM »
RogueKiller V8.8.15 _x64_ [Mar 27 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Julie [Admin rights]
Mode : Scan -- Date : 05/03/2014 22:46:17
| ARK || FAK || MBR |

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 0 ¤¤¤

¤¤¤ Scheduled tasks : 0 ¤¤¤

¤¤¤ Startup Entries : 0 ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ Browser Addons : 0 ¤¤¤

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤
[Address] EAT @explorer.exe (DllCanUnloadNow) : npmproxy.dll -> HOOKED (C:\Windows\System32\AltTab.dll @ 0xF18B20D8)
[Address] EAT @explorer.exe (DllGetClassObject) : npmproxy.dll -> HOOKED (C:\Windows\System32\AltTab.dll @ 0xF18B20EC)

¤¤¤ External Hives: ¤¤¤

¤¤¤ Infection :  ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


127.0.0.1   localhost


¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) ST950032 5AS SATA Disk Device +++++
--- User ---
[MBR] 0d9ee0f5bd374532f655877b44e0843d
[BSP] ee92ccddf702530e27932213ecc73c2e : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] FAT32-LBA (0x1c) [HIDDEN!] Offset (sectors): 2048 | Size: 25600 MB
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 52430848 | Size: 205084 MB
2 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 472442880 | Size: 246255 MB
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[0]_S_05032014_224617.txt >>
RKreport[0]_D_05022014_022133.txt;RKreport[0]_H_05022014_023432.txt;RKreport[0]_S_05022014_020709.txt
RKreport[0]_S_05022014_022636.txt;RKreport[0]_S_05022014_023321.txt

Reply #1May 07, 2014, 09:27:16 AM

Tigzy

  • Administrator
  • Hero Member

  • Offline
  • *****

  • 957
  • Reputation:
    91
  • Personal Text
    Owner, Adlice Software
    • View Profile
    • Adlice Software
Re: What does this mean?
« Reply #1 on: May 07, 2014, 09:27:16 AM »
Hello
This is a hook.

AltTab.dll looks legit however.