RogueKiller Logs:RogueKiller V8.8.0 [Dec 27 2013] by Tigzymail : tigzyRK<a

1. RogueKiller Logs:
2.  
3. RogueKiller V8.8.0 [Dec 27 2013] by Tigzy
4. mail : tigzyRK<at>gmail<dot>com
5. Feedback : http://www.adlice.com/forum/
6. Website : http://www.adlice.com/softwares/roguekiller/
7. Blog : http://www.adlice.com
8.  
9. Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
10. Started in : Normal mode
11. User : Michael & Michelle [Admin rights]
12. Mode : Scan [Aborted] -- Date : 01/04/2014 22:09:25
13.  
14. ¤¤¤ Bad processes : 0 ¤¤¤
15.  
16. ¤¤¤ Registry Entries : 4 ¤¤¤
17. [HJ POL][PUM] HKLM\[...]\System : DisableRegistryTools (0) -> FOUND
18. [HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : DisableRegistryTools (0) -> FOUND
19. [HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
20. [HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
21.  
22. ¤¤¤ Scheduled tasks : 1 ¤¤¤
23. [V2][SUSP PATH] HPSA Upgrade : C:\ProgramData\Hewlett-Packard\HPSAUpgrade3\HpSAUpgrade.exe [7] -> FOUND
24.  
25. ¤¤¤ Startup Entries : 0 ¤¤¤
26.  
27. ¤¤¤ Web browsers : 0 ¤¤¤
28.  
29. ¤¤¤ Browser Addons : 0 ¤¤¤
30.  
31. ¤¤¤ Particular Files / Folders: ¤¤¤
32.  
33. ¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤
34.  
35. ¤¤¤ External Hives: ¤¤¤
36.  
37. ¤¤¤ Infection : ¤¤¤
38.  
39. ¤¤¤ HOSTS File: ¤¤¤
40. --> %SystemRoot%\System32\drivers\etc\hosts
41.  
42.  
43. 127.0.0.1 localhost
44.  
45.  
46. ¤¤¤ MBR Check: ¤¤¤
47.  
48. Finished : << RKreport[0]_S_01042014_220925.txt >>
49.  
50.  
51.  
52.  
53. RogueKiller V8.8.0 [Dec 27 2013] by Tigzy
54. mail : tigzyRK<at>gmail<dot>com
55. Feedback : http://www.adlice.com/forum/
56. Website : http://www.adlice.com/softwares/roguekiller/
57. Blog : http://www.adlice.com
58.  
59. Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
60. Started in : Normal mode
61. User : Michael & Michelle [Admin rights]
62. Mode : Scan -- Date : 01/04/2014 22:11:30
63. | ARK || FAK || MBR |
64.  
65. ¤¤¤ Bad processes : 0 ¤¤¤
66.  
67. ¤¤¤ Registry Entries : 4 ¤¤¤
68. [HJ POL][PUM] HKLM\[...]\System : DisableRegistryTools (0) -> FOUND
69. [HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : DisableRegistryTools (0) -> FOUND
70. [HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
71. [HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
72.  
73. ¤¤¤ Scheduled tasks : 1 ¤¤¤
74. [V2][SUSP PATH] HPSA Upgrade : C:\ProgramData\Hewlett-Packard\HPSAUpgrade3\HpSAUpgrade.exe [7] -> FOUND
75.  
76. ¤¤¤ Startup Entries : 0 ¤¤¤
77.  
78. ¤¤¤ Web browsers : 0 ¤¤¤
79.  
80. ¤¤¤ Browser Addons : 0 ¤¤¤
81.  
82. ¤¤¤ Particular Files / Folders: ¤¤¤
83.  
84. ¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤
85.  
86. ¤¤¤ External Hives: ¤¤¤
87.  
88. ¤¤¤ Infection : ¤¤¤
89.  
90. ¤¤¤ HOSTS File: ¤¤¤
91. --> %SystemRoot%\System32\drivers\etc\hosts
92.  
93.  
94. 127.0.0.1 localhost
95.  
96.  
97. ¤¤¤ MBR Check: ¤¤¤
98.  
99. +++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) TOSHIBA MK3263GSX ATA Device +++++
100. --- User ---
101. [MBR] 4a4e34ea778c9ee87e71f1a21937e605
102. [BSP] e2b9f4715318803dcb61945ca09e3b6a : Windows Vista/7/8 MBR Code
103. Partition table:
104. 0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 199 Mo
105. 1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 409600 | Size: 292878 Mo
106. 2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 600223744 | Size: 12166 Mo
107. User = LL1 ... OK!
108. User = LL2 ... OK!
109.  
110. Finished : << RKreport[0]_S_01042014_221129.txt >>
111. RKreport[0]_S_01042014_220925.txt
112.  
113.  
114.  
115. RogueKiller V8.8.0 [Dec 27 2013] by Tigzy
116. mail : tigzyRK<at>gmail<dot>com
117. Feedback : http://www.adlice.com/forum/
118. Website : http://www.adlice.com/softwares/roguekiller/
119. Blog : http://www.adlice.com
120.  
121. Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
122. Started in : Normal mode
123. User : Michael & Michelle [Admin rights]
124. Mode : Remove -- Date : 01/04/2014 22:17:51
125. | ARK || FAK || MBR |
126.  
127. ¤¤¤ Bad processes : 0 ¤¤¤
128.  
129. ¤¤¤ Registry Entries : 4 ¤¤¤
130. [HJ POL][PUM] HKLM\[...]\System : DisableRegistryTools (0) -> DELETED
131. [HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : DisableRegistryTools (0) -> [0x2] The system cannot find the file specified.
132. [HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
133. [HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)
134.  
135. ¤¤¤ Scheduled tasks : 1 ¤¤¤
136. [V2][SUSP PATH] HPSA Upgrade : C:\ProgramData\Hewlett-Packard\HPSAUpgrade3\HpSAUpgrade.exe [7] -> DELETED
137.  
138. ¤¤¤ Startup Entries : 0 ¤¤¤
139.  
140. ¤¤¤ Web browsers : 0 ¤¤¤
141.  
142. ¤¤¤ Browser Addons : 0 ¤¤¤
143.  
144. ¤¤¤ Particular Files / Folders: ¤¤¤
145.  
146. ¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤
147.  
148. ¤¤¤ External Hives: ¤¤¤
149.  
150. ¤¤¤ Infection : ¤¤¤
151.  
152. ¤¤¤ HOSTS File: ¤¤¤
153. --> %SystemRoot%\System32\drivers\etc\hosts
154.  
155.  
156. 127.0.0.1 localhost
157.  
158.  
159. ¤¤¤ MBR Check: ¤¤¤
160.  
161. +++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) TOSHIBA MK3263GSX ATA Device +++++
162. --- User ---
163. [MBR] 4a4e34ea778c9ee87e71f1a21937e605
164. [BSP] e2b9f4715318803dcb61945ca09e3b6a : Windows Vista/7/8 MBR Code
165. Partition table:
166. 0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 199 Mo
167. 1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 409600 | Size: 292878 Mo
168. 2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 600223744 | Size: 12166 Mo
169. User = LL1 ... OK!
170. User = LL2 ... OK!
171.  
172. Finished : << RKreport[0]_D_01042014_221751.txt >>