RogueKiller V8.8.11 _x64_ [Mar 14 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Donkey Kong [Admin rights]
Mode : Scan -- Date : 03/15/2014 14:13:12
| ARK || FAK || MBR |

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 8 ¤¤¤
[RUN][SUSP PATH] HKCU\[...]\Run : AVG-Secure-Search-Update_0214c (C:\Users\Donkey Kong\AppData\Roaming\AVG 0214c Campaign\AVG-Secure-Search-Update-0214c.exe /PROMPT /mid=6b41cd4637bc47d6bec6cd2623af957a-493bcf5fa01f10de510906c30c444cd282f6d840 /CMPID=0214c [-][x][x]) -> FOUND
[RUN][SUSP PATH] HKLM\[...]\Run : SBRegRebootCleaner ("C:\Users\Donkey Kong\AppData\Local\Temp\RemoveVIPRE\sbrc.exe" [x]) -> FOUND
[RUN][SUSP PATH] HKUS\S-1-5-21-2481818962-1579234034-314252365-1000\[...]\Run : AVG-Secure-Search-Update_0214c (C:\Users\Donkey Kong\AppData\Roaming\AVG 0214c Campaign\AVG-Secure-Search-Update-0214c.exe /PROMPT /mid=6b41cd4637bc47d6bec6cd2623af957a-493bcf5fa01f10de510906c30c444cd282f6d840 /CMPID=0214c [-][x][x]) -> FOUND
[HJ POL][PUM] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> FOUND
[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : ConsentPromptBehaviorAdmin (0) -> FOUND
[HJ][PUM] HKLM\[...]\Wow6432Node\[...]\SystemRestore : DisableSR (1) -> FOUND
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Scheduled tasks : 20 ¤¤¤
[V2][SUSP PATH] IHUninstallTrackingTASK : CMD - /C DEL C:\Windows\TEMP\IHU40DD.tmp.exe [x][x] -> FOUND
[V2][SUSP UNIC] {12EF2A7C-177C-483F-9C30-410D0E8A0125} : C:\Program Files (x86)\GuiltyPLUS\団地ワイフ(DL)\DANCHIDL_.exe [x] -> FOUND
[V2][SUSP UNIC] {1FA7B96E-9CCE-4D3B-9983-81339CD3B09C} : E:\vtorrent May eroge\蜜壺~兄さん????わたしこんなに大きくなりましたよ~ DL版\蜜壺\mitsu.exe [x] -> FOUND
[V2][SUSP PATH] {2A7638F7-B57B-4104-828B-FF3E5EA175CD} : C:\Users\Donkey Kong\Desktop\KamiModTools\exs4alf.exe [x] -> FOUND
[V2][SUSP UNIC] {47B9C55F-CE8B-4708-A769-67ACD2B6616B} : E:\RJ083171\女囚ハンコック.exe [x] -> FOUND
[V2][SUSP PATH] {51A5269A-D000-4606-927E-6E7ECF8BC6A0} : C:\Users\Donkey Kong\Desktop\RJ081868\âCâgâRé¦û¦\âCâgâRé¦û¦.exe [x] -> FOUND
[V2][SUSP UNIC] {61F0FBF3-8B73-4085-8D6E-27209D6D1FE8} : E:\RJ083171\女囚ハンコック.exe [x] -> FOUND
[V2][SUSP UNIC] {62BF1C75-0455-4F67-90E2-1ED4D4EF2367} : C:\AliceSoft\鬼畜王ランス\SYSTEM35.EXE [-] -> FOUND
[V2][SUSP UNIC] {682F3DF4-2978-44EB-951D-501AD9FF1342} : E:\WILL\妻ようじ2\t_youji2.exe [x] -> FOUND
[V2][SUSP UNIC] {6DD12C88-82DE-4E20-92BA-9DD47199C806} : E:\蜜壺~兄さん????わたしこんなに大きくなりましたよ~ DL版\蜜壺\_mitsu.exe [x] -> FOUND
[V2][SUSP UNIC] {8C25D838-255C-4C6E-A85B-8E35585451F3} : E:\WILL\妻ようじ2\t_youji2.exe [x] -> FOUND
[V2][SUSP UNIC] {93AE1C7B-D527-472E-9425-647F9C5A9F71} : E:\蜜壺~兄さん????わたしこんなに大きくなりましたよ~ DL版\蜜壺\_mitsu.exe [x] -> FOUND
[V2][SUSP PATH] {A81A8DDF-80AA-4EB1-A89A-6E62AB273A46} : C:\Users\Donkey Kong\Desktop\Left4Dead\Left 4 Dead.exe [x] -> FOUND
[V2][SUSP PATH] {AD67494B-1848-4BB1-9869-99A1968AC427} : C:\Users\Donkey Kong\Desktop\shouvctl.exe [x] -> FOUND
[V2][SUSP UNIC] {B299955F-60D9-480D-A6E8-50F5DBE6F3D0} : C:\Users\Donkey Kong\Downloads\120418-G4-083171(reup)\RJ083171\女囚ハンコック.exe [x] -> FOUND
[V2][SUSP UNIC] {BB011644-C301-406C-BD87-5467B73F7F57} : E:\RJ083171\女囚ハンコック.exe [x] -> FOUND
[V2][SUSP UNIC] {BDEC4863-53EA-45BF-9062-3E2F37786877} : C:\Users\Donkey Kong\Desktop\綾里???族\綾里???族 インストールパック\ayasato_install.exe [x] -> FOUND
[V2][SUSP UNIC] {C47BB627-65AD-44BF-B431-D2B9F9275672} : C:\Users\Donkey Kong\Desktop\RJ016249\こちら女?月温泉郷 インストールパック\kmo_install.exe [x] -> FOUND
[V2][SUSP UNIC] {CB9C6F26-1103-48E5-A950-8595E11F0033} : E:\vtorrent May eroge\蜜壺~兄さん????わたしこんなに大きくなりましたよ~ DL版\蜜壺\mitsu.exe [x] -> FOUND
[V2][SUSP UNIC] {D72EF6F1-B59A-491A-93AD-3E1C00011FC5} : E:\WILL\妻ようじ2\t_youji2.exe [x] -> FOUND

¤¤¤ Startup Entries : 0 ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤
[OP][PROXY] operaprefs : Proxy\HTTP server = 49.212.212.203:80 -> FOUND

¤¤¤ Browser Addons : 0 ¤¤¤

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤

¤¤¤ External Hives: ¤¤¤

¤¤¤ Infection : ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts
127.0.0.1 localhost

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) WDC WD3200AAKS-22L6A0 ATA Device +++++
--- User ---
[MBR] 79ba5ec8b04ddbaa236e5d3d5d038bc5
[BSP] b6a19ec862be49ef72fe8f5ef78b35a3 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 100859 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206766080 | Size: 204283 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: (\\.\PHYSICALDRIVE1 @ IDE) WDC WD3200AAKS-00B3A0 ATA Device +++++
--- User ---
[MBR] bc0dc6aaa21c0e6818ad644483a38ffc
[BSP] 48aa0ac5f3ea55c4473f924da3540ee1 : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 305242 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[0]_S_03152014_141312.txt >>