Kevin Hill Posted January 19, 2017

RogueKiller V11.0.10.0 (x64) [Feb 1 2016] (Free) by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Website : http://www.adlice.com/software/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 8 (6.2.9200) 64 bits version
Started in : Normal mode
User : kjh71 [Administrator]
Started from : C:\Users\kjh71\Downloads\RogueKillerX64.exe
Mode : Scan -- Date : 01/18/2017 22:43:32

¤¤¤ Processes : 1 ¤¤¤
[PUP|VT.Adware.PremierOpinion] pmservice.exe(6420) -- C:\Program Files (x86)\PremierOpinion\pmservice.exe[7] -> Killed [TermProc]

¤¤¤ Registry : 2 ¤¤¤
[PUP|VT.Adware.PremierOpinion] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\PremierOpinion (C:\Program Files (x86)\PremierOpinion\pmservice.exe /service) -> Found
[PUP|VT.Adware.PremierOpinion] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\PremierOpinion (C:\Program Files (x86)\PremierOpinion\pmservice.exe /service) -> Found

¤¤¤ Tasks : 0 ¤¤¤

¤¤¤ Files : 2 ¤¤¤
[PUP][Folder] C:\ProgramData\{AFF99647-6D64-46F2-934A-F12F468037F6} -> Found
[PUP][Folder] C:\Program Files (x86)\PremierOpinion -> Found

¤¤¤ Hosts File : 0 ¤¤¤

¤¤¤ Antirootkit : 88 (Driver: Loaded) ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: TOSHIBA DT01ACA1 SCSI Disk Device +++++
--- User ---
[MBR] 13b4414b5744289ebfd7703bbd14aa8f
[bSP] 00630af4f5e57acac24c510e2e96afaf : Empty|VT.Unknown MBR Code
Partition table:
0 - [sYSTEM][MAN-MOUNT] Basic data partition | Offset (sectors): 2048 | Size: 1023 MB
1 - [MAN-MOUNT] EFI system partition | Offset (sectors): 2097152 | Size: 360 MB
2 - [MAN-MOUNT] Microsoft reserved partition | Offset (sectors): 2834432 | Size: 128 MB
3 - Basic data partition | Offset (sectors): 3096576 | Size: 940331 MB
4 - [sYSTEM][MAN-MOUNT] | Offset (sectors): 1928894464 | Size: 451 MB
5 - [sYSTEM] Basic data partition | Offset (sectors): 1929818112 | Size: 11380 MB
User = LL1 ... OK
Error reading LL2 MBR! ([1] Incorrect function. )

+++++ PhysicalDrive1: Generic- SD/MMC USB Device +++++
Error reading User MBR! ([15] The device is not ready. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] The request is not supported. )

+++++ PhysicalDrive2: Generic- Compact Flash USB Device +++++
Error reading User MBR! ([15] The device is not ready. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] The request is not supported. )

+++++ PhysicalDrive3: Generic- SM/xD-Picture USB Device +++++
Error reading User MBR! ([15] The device is not ready. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] The request is not supported. )

+++++ PhysicalDrive4: Generic- MS/MS-Pro USB Device +++++
Error reading User MBR! ([15] The device is not ready. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] The request is not supported. )

Juliet Posted January 19, 2017

You have PremierOpinion in your add/remove programs list? If found, uninstall it.

~~

Farbar Recovery Scan Tool (FRST) Scan

Please download Farbar Recovery Scan Tool (x32) or Farbar Recovery Scan Tool (x64) and save the file to your Desktop.
Note: Download and run the version compatible with your system (32 or 64-bit). Download both if you're unsure; only one will run.

Right-Click FRST.exe / FRST64.exe and select Run as administrator to run the programme.
Click Yes to the disclaimer.
Ensure the Addition.txt box is checked.
Click the Scan button and let the programme run.
Upon completion, click OK, then OK on the Addition.txt pop up screen.
Two logs (FRST.txt & Addition.txt) will now be open on your Desktop. Copy the contents of both logs and paste in your next reply.

Kevin Hill Posted January 20, 2017

How do you run as admin? It isn't showing up on downloads.

Juliet Posted January 20, 2017

Have you tried to right click, does it say it there?
If it doesn't appear, please run the tool anyway.

Kevin Hill Posted January 22, 2017

Man, I can barely move my mouse, get back to me asap.

Kevin Hill Posted January 22, 2017

access denied

Open a command prompt, run as administrator. If your USB disk is e:
Then type attrib -a -s -h -r e:\ \* /d /s

Juliet Posted January 22, 2017

Can you open task manager and look to see what is using the highest amount of CPU? Is it something you can end task on?
Can you boot into safe mode with networking?

Kevin Hill Posted January 22, 2017

Task manager doesn't open right away.

Kevin Hill Posted January 22, 2017

How do you boot into safe mode, and what do you want me to do next?

Juliet Posted January 22, 2017

Not sure which operating system you have, so let's see if this will work.

Hold down the power button and count to 5 (slowly).
Let it sit a minute, then reboot.
It's going to open up different options on how to restart your computer. Choose safe mode with networking.

Then do this:

Please download and run the following tool to help allow other programs to run. (courtesy of BleepingComputer.com)
There are 6 different versions. If one of them won't run then download and try to run the other one.
Vista and Win7 users need to right click and choose Run as Admin.
You only need to get one of them to run, not all of them.

rkill.exe
rkill.com
rkill.scr
rkill.pif
WiNlOgOn.exe
uSeRiNiT.exe

~~~

Farbar Recovery Scan Tool (FRST) Scan

Please download Farbar Recovery Scan Tool (x32) or Farbar Recovery Scan Tool (x64) and save the file to your Desktop.
Note: Download and run the version compatible with your system (32 or 64-bit). Download both if you're unsure; only one will run.

Right-Click FRST.exe / FRST64.exe and select Run as administrator to run the programme.
Click Yes to the disclaimer.
Ensure the Addition.txt box is checked.
Click the Scan button and let the programme run.
Upon completion, click OK, then OK on the Addition.txt pop up screen.
Two logs (FRST.txt & Addition.txt) will now be open on your Desktop. Copy the contents of both logs and paste in your next reply.

~~~

After this and you have saved these logs I need to see on desktop or somewhere you know you can get to afterwards, see what happens if you try to now boot back into normal mode.