RogueKiller V8.5.4 [Mar 18 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/
Website : http://tigzy.geekstogo.com/roguekiller.php
Blog : http://tigzyrk.blogspot.com/
Operating System : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Started in : Normal mode
User : admin [Admin rights]
Mode : Remove -- Date : 05/07/2013 15:04:15
| ARK || FAK || MBR |
¤¤¤ Bad processes : 0 ¤¤¤
¤¤¤ Registry Entries : 2 ¤¤¤
[HJPOL] HKCU\[...]\System : disableregistrytools (0) -> DELETED
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)
¤¤¤ Particular Files / Folders: ¤¤¤
[ZeroAccess][JUNCTION] C:\WINDOWS\$NtUninstallKB14045$ >> \systemroot\system32\config --> REMOVED
[Del.Parent][FILE] @ : C:\WINDOWS\$NtUninstallKB14045$\267270451\@ [-] --> REMOVED
[Del.Parent][FILE] Desktop.ini : C:\WINDOWS\$NtUninstallKB14045$\267270451\Desktop.ini [-] --> REMOVED
[Del.Parent][FILE] 00000004.@ : C:\WINDOWS\$NtUninstallKB14045$\267270451\L\00000004.@ [-] --> REMOVED
[Del.Parent][FILE] 201d3dde : C:\WINDOWS\$NtUninstallKB14045$\267270451\L\201d3dde [-] --> REMOVED
[Del.Parent][FILE] 76603ac3 : C:\WINDOWS\$NtUninstallKB14045$\267270451\L\76603ac3 [-] --> REMOVED
[Del.Parent][FILE] hycpmsei : C:\WINDOWS\$NtUninstallKB14045$\267270451\L\hycpmsei [-] --> REMOVED
[Del.Parent][FOLDER] ROOT : C:\WINDOWS\$NtUninstallKB14045$\267270451\L --> REMOVED
[Del.Parent][FILE] 00000004.@ : C:\WINDOWS\$NtUninstallKB14045$\267270451\U\00000004.@ [-] --> REMOVED
[Del.Parent][FILE] 00000008.@ : C:\WINDOWS\$NtUninstallKB14045$\267270451\U\00000008.@ [-] --> REMOVED
[Del.Parent][FILE] 000000cb.@ : C:\WINDOWS\$NtUninstallKB14045$\267270451\U\000000cb.@ [-] --> REMOVED
[Del.Parent][FILE] 80000000.@ : C:\WINDOWS\$NtUninstallKB14045$\267270451\U\80000000.@ [-] --> REMOVED
[Del.Parent][FILE] 80000032.@ : C:\WINDOWS\$NtUninstallKB14045$\267270451\U\80000032.@ [-] --> REMOVED
[Del.Parent][FOLDER] ROOT : C:\WINDOWS\$NtUninstallKB14045$\267270451\U --> REMOVED
[Del.Parent][FOLDER] ROOT : C:\WINDOWS\$NtUninstallKB14045$\267270451 --> REMOVED
[Del.Parent][FILE] 3444094802 : C:\WINDOWS\$NtUninstallKB14045$\3444094802 [-] --> REMOVED
[ZeroAccess][FOLDER] ROOT : C:\WINDOWS\$NtUninstallKB14045$ --> REMOVED
¤¤¤ Driver : [LOADED] ¤¤¤
¤¤¤ Infection : ZeroAccess ¤¤¤
¤¤¤ HOSTS File: ¤¤¤
--> C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost
¤¤¤ MBR Check: ¤¤¤
+++++ PhysicalDrive0: WDC WD1600AAJS-00B4A0 +++++
--- User ---
[MBR] b8fbf1b647dd698ef66542620dfe45aa
[BSP] 9b0b75bdc055737b567ed4fdf9e0d6d0 : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 152617 Mo
User = LL1 ... OK!
User = LL2 ... OK!
+++++ PhysicalDrive1: General USB Flash Disk USB Device +++++
--- User ---
[MBR] 6b25f36d6c0add261e3e974ab1c93571
[BSP] df4f83c1f72e36823a12b0dfc7617313 : Empty MBR Code
Partition table:
0 - [XXXXXX] FAT32 (0x0b) [VISIBLE] Offset (sectors): 32 | Size: 1910 Mo
User = LL1 ... OK!
Error reading LL2 MBR!
Finished : << RKreport[4]_D_05072013_02d1504.txt >>
RKreport[1]_S_05062013_02d1556.txt ; RKreport[2]_SC_05062013_02d2204.txt ; RKreport[3]_S_05072013_02d1501.txt ; RKreport[4]_D_05072013_02d1504.txt