Firefox Posted March 30, 2015 ID:951815

I know this is not a false positive while using Malwarebytes, but it is one of your files being targeted or detected. This is with RogueKiller app v10.5.8. You guys may want to contact them about it. This is during a prescan.

RogueKiller Log: if needed...

RogueKiller V10.5.8.0 (x64) [Mar 30 2015] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : owner [Administrator]
Started from : L:\Flash Drives\128GB Flash Drive Backup\Tech CD\Utils\Ad Aware\Bleeping Computer Stuff\RogueKiller by tigzy\RogueKillerX64 V10.5.8.exe
Mode : Scan -- Date : 03/30/2015 11:10:32

¤¤¤ Processes : 1 ¤¤¤
[Tr.Zeus] mbsbscan.exe(9528) -- C:\Program Files (x86)\Malwarebytes Secure Backup\mbsbscan.exe[7] -> Killed [TermProc]

¤¤¤ Registry : 9 ¤¤¤
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Found
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> Found
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Found
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> Found

¤¤¤ Tasks : 0 ¤¤¤

¤¤¤ Files : 0 ¤¤¤

¤¤¤ Hosts File : 36 ¤¤¤

¤¤¤ Antirootkit : 52 (Driver: Loaded) ¤¤¤

¤¤¤ Web browsers : 1 ¤¤¤
[PUM.HomePage][FIREFX:Config] hcdjlx88.default : user_pref("browser.startup.homepage", "http://www.bleepingcomputer.com/forums/|https://forums.malwarebytes.org/|http://www.systemlookup.com/"); -> Found

¤¤¤ MBR Check : ¤¤¤

Staff shadowwar Posted March 30, 2015 ID:951816

Thanks, will let them know!

Staff miekiemoes Posted March 30, 2015 ID:951817

Tigzy has been informed of this already; I am sure he will fix it ASAP.

Firefox Posted March 30, 2015 Author ID:951818

Thanks guys... always on the ball...