Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

RogueKiller "BLACKLISTDLL" entries benign?

Started by IronicLuddite , May 03 2013 12:02 PM

  • Please log in to reply

#1
IronicLuddite
Posted 03 May 2013 - 12:02 PM

IronicLuddite

    New Member

  • Member
  • Pip
  • 5 posts
Hello GeekstoGo! :)

First of all, I would like to preemptively thank anyone who could provide me with help - it's much appreciated. :)

Secondly, I should note that I'm not sure whether my computer's infected. In fact, I experiencing no real symptoms, and Kasperksy, MBAM, MBAR, and TDSSKiller all think my computer is healthy. But RogueKiller picks up some blacklistdll's, even when I delete all files/partitions and re-install a factory image of my computer from a USB (note:the USB has never been used for anything other than holding a factory image of my computer). I've included a RogueKiller log below. If the entries are benign, then I'm content that my computer is clean and I wouldn't want anyone to spend time reading an entire OTL log, but I just want to be sure about RogueKiller first.

RogueKiller V8.5.4 [Mar 18 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.geekstogo...13-roguekiller/
Website : http://tigzy.geeksto...roguekiller.php
Blog : http://tigzyrk.blogspot.com/

Operating System : Windows 8 (6.2.9200 ) 64 bits version
Started in : Normal mode
User : PC [Admin rights]
Mode : Scan -- Date : 04/29/2013 11:56:27
| ARK || FAK || MBR |

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 8 ¤¤¤
[RUN][BLACKLISTDLL] HKLM\[...]\RunOnce : MSPCLOCK (rundll32.exe streamci,StreamingDeviceSetup {97ebaacc-95bd-11d0-a3ea-00a0c9223196},{53172480-4791-11D0-A5D6-28DB04C10000},{53172480-4791-11D0-A5D6-28DB04C10000}) -> FOUND
[RUN][BLACKLISTDLL] HKLM\[...]\RunOnce : MSPQM (rundll32.exe streamci,StreamingDeviceSetup {DDF4358E-BB2C-11D0-A42F-00A0C9223196},{97EBAACB-95BD-11D0-A3EA-00A0C9223196},{97EBAACB-95BD-11D0-A3EA-00A0C9223196}) -> FOUND
[RUN][BLACKLISTDLL] HKLM\[...]\RunOnce : MSKSSRV (rundll32.exe streamci,StreamingDeviceSetup {96E080C7-143C-11D1-B40F-00A0C9223196},{3C0D501A-140B-11D1-B40F-00A0C9223196},{3C0D501A-140B-11D1-B40F-00A0C9223196}) -> FOUND
[RUN][BLACKLISTDLL] HKLM\[...]\RunOnce : MSTEE.CxTransform (rundll32.exe streamci,StreamingDeviceSetup {cfd669f1-9bc2-11d0-8299-0000f822fe8a},{CF1DDA2C-9743-11D0-A3EE-00A0C9223196},{CF1DDA2C-9743-11D0-A3EE-00A0C9223196},C:\Windows\inf\ksfilter.inf,MSTEE.Interface.Install) -> FOUND
[RUN][BLACKLISTDLL] HKLM\[...]\RunOnce : MSTEE.Splitter (rundll32.exe streamci,StreamingDeviceSetup {cfd669f1-9bc2-11d0-8299-0000f822fe8a},{0A4252A0-7E70-11D0-A5D6-28DB04C10000},{0A4252A0-7E70-11D0-A5D6-28DB04C10000},C:\Windows\inf\ksfilter.inf,MSTEE.Interface.Install) -> FOUND
[RUN][BLACKLISTDLL] HKLM\[...]\RunOnce : WDM_DRMKAUD (rundll32.exe streamci,StreamingDeviceSetup {EEC12DB6-AD9C-4168-8658-B03DAEF417FE},{ABD61E00-9350-47e2-A632-4438B90C6641},{FFBB6E3F-CCFE-4D84-90D9-421418B03A8E},C:\Windows\inf\WDMAUDIO.inf,WDM_DRMKAUD.Interface.Install) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED] ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts



¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: ST1000DM003-1CH162 +++++
--- User ---
[MBR] 08b2826adfce6b0d34d9bfc5e03946a7
[BSP] 40b631de7e90f46630276b41d97ef40d : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] UNKNOWN (0xee) [VISIBLE] Offset (sectors): 1 | Size: 2097151 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[1]_S_04292013_02d1156.txt >>
RKreport[1]_S_04292013_02d1156.txt


Again, any help is appreciated,
-IronicLuddite
  • 0

Advertisements

#2
RKinner
Posted 04 May 2013 - 08:31 AM

RKinner

    Malware Expert

  • Expert
  • 24,452 posts
  • MVP
I asked Tigzy about your entries. Appears to be false positives so ignore them. He will correct the program.

Ron
  • 0

#3
IronicLuddite
Posted 04 May 2013 - 11:51 AM

IronicLuddite

    New Member

  • Topic Starter
  • Member
  • Pip
  • 5 posts
Hi RKinner,

Thank you for the information. :)

Since the entries are okay I'm confident my computer is fine and I don't feel the need to ask for further assistance. But if there's any reason you want or need more info about those entries, feel free to ask. Otherwise, you can feel free to close this topic.

Thanks again,
IronicLuddite
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Forum
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP