RKreport

1. RogueKiller V8.8.2 [Jan 17 2014] by Tigzy
2. mail : tigzyRK<at>gmail<dot>com
3. Feedback : http://www.adlice.com/forum/
4. Website : http://www.adlice.com/softwares/roguekiller/
5. Blog : http://www.adlice.com
6.  
7. Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
8. Started in : Normal mode
9. User : Sam [Admin rights]
10. Mode : Scan -- Date : 01/22/2014 02:37:24
11. | ARK || FAK || MBR |
12.  
13. ¤¤¤ Bad processes : 0 ¤¤¤
14.  
15. ¤¤¤ Registry Entries : 8 ¤¤¤
16. [HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> FOUND
17. [HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> FOUND
18. [HJ POL][PUM] HKLM\[...]\System : DisableRegistryTools (0) -> FOUND
19. [HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : DisableRegistryTools (0) -> FOUND
20. [HJ DESK][PUM] HKCU\[...]\ClassicStartMenu : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
21. [HJ DESK][PUM] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
22. [HJ DESK][PUM] HKCU\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
23. [HJ DESK][PUM] HKCU\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
24.  
25. ¤¤¤ Scheduled tasks : 0 ¤¤¤
26.  
27. ¤¤¤ Startup Entries : 0 ¤¤¤
28.  
29. ¤¤¤ Web browsers : 0 ¤¤¤
30.  
31. ¤¤¤ Browser Addons : 0 ¤¤¤
32.  
33. ¤¤¤ Particular Files / Folders: ¤¤¤
34.  
35. ¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤
36.  
37. ¤¤¤ External Hives: ¤¤¤
38. -> D:\windows\system32\config\SYSTEM | DRVINFO [Drv - D:] | SYSTEMINFO [Sys - x:] [Sys32 - FOUND] | USERINFO [Startup - NOT_FOUND]
39. -> D:\windows\system32\config\SOFTWARE | DRVINFO [Drv - D:] | SYSTEMINFO [Sys - x:] [Sys32 - FOUND] | USERINFO [Startup - NOT_FOUND]
40. -> D:\windows\system32\config\SECURITY | DRVINFO [Drv - D:] | SYSTEMINFO [Sys - x:] [Sys32 - FOUND] | USERINFO [Startup - NOT_FOUND]
41. -> D:\windows\system32\config\SAM | DRVINFO [Drv - D:] | SYSTEMINFO [Sys - x:] [Sys32 - FOUND] | USERINFO [Startup - NOT_FOUND]
42. -> D:\windows\system32\config\DEFAULT | DRVINFO [Drv - D:] | SYSTEMINFO [Sys - x:] [Sys32 - FOUND] | USERINFO [Startup - NOT_FOUND]
43. -> D:\Users\Default\NTUSER.DAT | DRVINFO [Drv - D:] | SYSTEMINFO [Sys - x:] [Sys32 - FOUND] | USERINFO [Startup - NOT_FOUND]
44.  
45. ¤¤¤ Infection : ¤¤¤
46.  
47. ¤¤¤ HOSTS File: ¤¤¤
48. --> %SystemRoot%\System32\drivers\etc\hosts
49.  
50.  
51. 127.0.0.1 localhost
52.  
53.  
54. ¤¤¤ MBR Check: ¤¤¤
55.  
56. +++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) TOSHIBA MK3265GSX ATA Device +++++
57. --- User ---
58. [MBR] 2c7b1ee5431fe43ca3c101226b7ad2c8
59. [BSP] 0275bb52c3d6eab85416b27bfc856294 : Windows 7/8 MBR Code
60. Partition table:
61. 0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 62 Mo
62. 1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 129024 | Size: 10240 Mo
63. 2 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 31586304 | Size: 100 Mo
64. 3 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 31791104 | Size: 289721 Mo
65. User = LL1 ... OK!
66. User = LL2 ... OK!
67.  
68. Finished : << RKreport[0]_S_01222014_023724.txt >>