« previous next »
Pages: [1]

Author Topic: installed rogue killer  (Read 8200 times)

0 Members and 1 Guest are viewing this topic.

June 04, 2014, 05:18:55 PM

thompsn58

  • Guest
installed rogue killer
« on: June 04, 2014, 05:18:55 PM »
unfortunately some files have been replaced and some do not have the option to delete.
Suggestions appreciated. Posting report in several sections since I exceeded to 20000 word limit. Thanks

RogueKiller V9.0.2.0 [Jun  3 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows Vista (6.0.6000 ) 32 bits version
Started in : Safe mode with network support
User : susana [Admin rights]
Mode : Remove -- Date : 06/04/2014  10:56:09

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 5 ¤¤¤
[PUM.Proxy] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyEnable : 1  -> REPLACED (0)
[PUM.Proxy] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : http=127.0.0.1:3128  -> DELETED
[PUM.Policies] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorUser : 0  -> REPLACED (1)
[PUM.DesktopIcons] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1  -> REPLACED (0)
[PUM.DesktopIcons] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1  -> REPLACED (0)

¤¤¤ Scheduled tasks : 0 ¤¤¤

¤¤¤ Files : 79 ¤¤¤
[Suspicious.Path][File] 101-2014 Assessment.LNK -- C:\Users\susana\AppData\Roaming\Microsoft\Office\Recent\101-2014 Assessment.LNK [LNK@] C:\Users\susana\Desktop\PARKVI~1\INVOIC~1\2014\101-20~1.XLS -> DELETED
[Suspicious.Path][File] 102-2014 Assessment.LNK -- C:\Users\susana\AppData\Roaming\Microsoft\Office\Recent\102-2014 Assessment.LNK [LNK@] C:\Users\susana\Desktop\PARKVI~1\INVOIC~1\2014\102-20~1.XLS -> DELETED
[Suspicious.Path][File] 201- 2014 Assessment.LNK -- C:\Users\susana\AppData\Roaming\Microsoft\Office\Recent\201- 2014 Assessment.LNK [LNK@] C:\Users\susana\Desktop\PARKVI~1\INVOIC~1\2014\201-20~1.XLS -> DELETED
[Suspicious.Path][File] 2013.LNK -- C:\Users\susana\AppData\Roaming\Microsoft\Office\Recent\2013.LNK [LNK@] C:\Users\susana\Desktop\PARKVI~1\INVOIC~1\2013 -> DELETED
[Suspicious.Path][File] 2014.LNK -- C:\Users\susana\AppData\Roaming\Microsoft\Office\Recent\2014.LNK [LNK@] C:\Users\susana\Desktop\PARKVI~1\INVOIC~1\2014 -> DELETED
[Suspicious.Path][File] 202- 2014 Assessment.LNK -- C:\Users\susana\AppData\Roaming\Microsoft\Office\Recent\202- 2014 Assessment.LNK [LNK@] C:\Users\susana\Desktop\PARKVI~1\INVOIC~1\2014\202-20~1.XLS -> DELETED
[Suspicious.Path][File] 301- 2014 Assessment.LNK -- C:\Users\susana\AppData\Roaming\Microsoft\Office\Recent\301- 2014 Assessment.LNK [LNK@] C:\Users\susana\Desktop\PARKVI~1\INVOIC~1\2014\301-20~1.XLS -> DELETED
[Suspicious.Path][File] 302- 2014 Assessment.LNK -- C:\Users\susana\AppData\Roaming\Microsoft\Office\Recent\302- 2014 Assessment.LNK [LNK@] C:\Users\susana\Desktop\PARKVI~1\INVOIC~1\2014\302-20~1.XLS -> DELETED
[Suspicious.Path][File] 306 South Lake Park Blvd - Roofing Proposal_Highland Roofing.LNK -- C:\Users\susana\AppData\Roaming\Microsoft\Office\Recent\306 South Lake Park Blvd - Roofing Proposal_Highland Roofing.LNK [LNK@] C:\Users\susana\Desktop\ParkView Villas HOA\306 South Lake Park Blvd - Roofing Proposal_Highland Roofing.doc -> DELETED
[Suspicious.Path][File] 5-2-2013 12;59;04 PM.LNK -- C:\Users\susana\AppData\Roaming\Microsoft\Office\Recent\5-2-2013 12;59;04 PM.LNK [LNK@] C:\Users\susana\Desktop\5-2-2013 12;59;04 PM.jpg -> DELETED
[Suspicious.Path][File] 5-2-2013 1;01;16 PM.LNK -- C:\Users\susana\AppData\Roaming\Microsoft\Office\Recent\5-2-2013 1;01;16 PM.LNK [LNK@] C:\Users\susana\Desktop\5-2-2013 1;01;16 PM.jpg -> DELETED
[Suspicious.Path][File] 5-8-2014 2;11;46 PM.LNK -- C:\Users\susana\AppData\Roaming\Microsoft\Office\Recent\5-8-2014 2;11;46 PM.LNK [LNK@] C:\Users\susana\Desktop\5-8-2014 2;11;46 PM.jpg -> DELETED
[Suspicious.Path][File] 5-8-2014 2;13;11 PM.LNK -- C:\Users\susana\AppData\Roaming\Microsoft\Office\Recent\5-8-2014 2;13;11 PM.LNK [LNK@] C:\Users\susana\Desktop\5-8-2014 2;13;11 PM.jpg -> DELETED
[Suspicious.Path][File] 5-8-2014 2;14;39 PM.LNK -- C:\Users\susana\AppData\Roaming\Microsoft\Office\Recent\5-8-2014 2;14;39 PM.LNK [LNK@] C:\Users\susana\Desktop\5-8-2014 2;14;39 PM.jpg -> DELETED
[Suspicious.Path][File] 5-8-2014 2;16;09 PM.LNK -- C:\Users\susana\AppData\Roaming\Microsoft\Office\Recent\5-8-2014 2;16;09 PM.LNK [LNK@] C:\Users\susana\Desktop\5-8-2014 2;16;09 PM.jpg -> DELETED
[Suspicious.Path][File] April.LNK -- C:\Users\susana\AppData\Roaming\Microsoft\Office\Recent\April.LNK [LNK@] C:\Users\susana\Desktop\PARKVI~1\Budget\2014\April -> DELETED
[Suspicious.Path][File] August.LNK -- C:\Users\susana\AppData\Roaming\Microsoft\Office\Recent\August.LNK [LNK@] C:\Users\susana\Desktop\PARKVI~1\Budget\2013\August -> DELETED
[Suspicious.Path][File] Budget for Thompson Household.LNK -- C:\Users\susana\AppData\Roaming\Microsoft\Office\Recent\Budget for Thompson Household.LNK [LNK@] C:\Users\susana\Desktop\BUDGET~1 -> DELETED
[Suspicious.Path][File] Budget.LNK -- C:\Users\susana\AppData\Roaming\Microsoft\Office\Recent\Budget.LNK [LNK@] C:\Users\susana\Desktop\EDITHW~1\Budget -> DELETED
[Suspicious.Path][File] Checkbook Records.LNK -- C:\Users\susana\AppData\Roaming\Microsoft\Office\Recent\Checkbook Records.LNK [LNK@] C:\Users\susana\Desktop\PARKVI~1\CHECKB~1 -> DELETED
[Suspicious.Path][File] December.LNK -- C:\Users\susana\AppData\Roaming\Microsoft\Office\Recent\December.LNK [LNK@] C:\Users\susana\Desktop\PARKVI~1\Budget\2013\December -> DELETED
[Suspicious.Path][File] Desktop.LNK -- C:\Users\susana\AppData\Roaming\Microsoft\Office\Recent\Desktop.LNK [LNK@] C:\Users\susana\Desktop -> DELETED
[Suspicious.Path][File] Dogwood Lane Resident List.LNK -- C:\Users\susana\AppData\Roaming\Microsoft\Office\Recent\Dogwood Lane Resident List.LNK [LNK@] C:\Users\susana\Desktop\Dogwood Lane Resident List.doc -> DELETED
[Suspicious.Path][File] February.LNK -- C:\Users\susana\AppData\Roaming\Microsoft\Office\Recent\February.LNK [LNK@] C:\Users\susana\Desktop\PARKVI~1\Budget\2014\February -> DELETED
[Suspicious.Path][File] HOA Budget Sheet_April2014.LNK -- C:\Users\susana\AppData\Roaming\Microsoft\Office\Recent\HOA Budget Sheet_April2014.LNK [LNK@] C:\Users\susana\Desktop\PARKVI~1\Budget\2014\April\HOABUD~3.XLS -> DELETED
[Suspicious.Path][File] HOA Budget Sheet_Feb2013.LNK -- C:\Users\susana\AppData\Roaming\Microsoft\Office\Recent\HOA Budget Sheet_Feb2013.LNK [LNK@] C:\Users\susana\Desktop\PARKVI~1\Budget\2013\February\HOABUD~1.XLS -> DELETED
[Suspicious.Path][File] HOA Budget Sheet_May2014.LNK -- C:\Users\susana\AppData\Roaming\Microsoft\Office\Recent\HOA Budget Sheet_May2014.LNK [LNK@] C:\Users\susana\Desktop\PARKVI~1\Budget\2014\May\HOABUD~1.XLS -> DELETED
[Suspicious.Path][File] HOA Budget%April2014.LNK -- C:\Users\susana\AppData\Roaming\Microsoft\Office\Recent\HOA Budget%April2014.LNK [LNK@] C:\Users\susana\Desktop\PARKVI~1\Budget\2014\April\HOABUD~1.XLS -> DELETED
[Suspicious.Path][File] HOA Budget%May2014.LNK -- C:\Users\susana\AppData\Roaming\Microsoft\Office\Recent\HOA Budget%May2014.LNK [LNK@] C:\Users\susana\Desktop\PARKVI~1\Budget\2014\May\HOABUD~2.XLS -> DELETED
[Suspicious.Path][File] January.LNK -- C:\Users\susana\AppData\Roaming\Microsoft\Office\Recent\January.LNK [LNK@] C:\Users\susana\Desktop\PARKVI~1\Budget\2014\January -> DELETED
[Suspicious.Path][File] Jan_New budget.LNK -- C:\Users\susana\AppData\Roaming\Microsoft\Office\Recent\Jan_New budget.LNK [LNK@] C:\Users\susana\Desktop\PARKVI~1\Budget\2012\JAN_NE~1 -> DELETED
[Suspicious.Path][File] July.LNK -- C:\Users\susana\AppData\Roaming\Microsoft\Office\Recent\July.LNK [LNK@] C:\Users\susana\Desktop\PARKVI~1\Budget\2013\July -> DELETED
[Suspicious.Path][File] March.LNK -- C:\Users\susana\AppData\Roaming\Microsoft\Office\Recent\March.LNK [LNK@] C:\Users\susana\Desktop\PARKVI~1\Budget\2014\March -> DELETED
[Suspicious.Path][File] May.LNK -- C:\Users\susana\AppData\Roaming\Microsoft\Office\Recent\May.LNK [LNK@] C:\Users\susana\Desktop\PARKVI~1\Budget\2014\May -> DELETED
[Suspicious.Path][File] November.LNK -- C:\Users\susana\AppData\Roaming\Microsoft\Office\Recent\November.LNK [LNK@] C:\Users\susana\Desktop\PARKVI~1\Budget\2013\November -> DELETED
[Suspicious.Path][File] October.LNK -- C:\Users\susana\AppData\Roaming\Microsoft\Office\Recent\October.LNK [LNK@] C:\Users\susana\Desktop\PARKVI~1\Budget\2013\October -> DELETED
[Suspicious.Path][File] Otis Elevator.LNK -- C:\Users\susana\AppData\Roaming\Microsoft\Office\Recent\Otis Elevator.LNK [LNK@] C:\Users\susana\Desktop\PARKVI~1\OTISEL~1 -> DELETED
[Suspicious.Path][File] ParkView Villas HOA.LNK -- C:\Users\susana\AppData\Roaming\Microsoft\Office\Recent\ParkView Villas HOA.LNK [LNK@] C:\Users\susana\Desktop\PARKVI~1 -> DELETED
[Suspicious.Path][File] Proxy.LNK -- C:\Users\susana\AppData\Roaming\Microsoft\Office\Recent\Proxy.LNK [LNK@] C:\Users\susana\Desktop\PARKVI~1\Proxy -> DELETED
[Suspicious.Path][File] ProxyLetter.LNK -- C:\Users\susana\AppData\Roaming\Microsoft\Office\Recent\ProxyLetter.LNK [LNK@] C:\Users\susana\Desktop\PARKVI~1\Proxy\PROXYL~1.DOC -> DELETED
[Suspicious.Path][File] Review of Payments for dues and assessments years 2007-2009.LNK -- C:\Users\susana\AppData\Roaming\Microsoft\Office\Recent\Review of Payments for dues and assessments years 2007-2009.LNK [LNK@] C:\Users\susana\Desktop\PARKVI~1\LATEDU~1\REVIEW~1.DOC -> DELETED
[Suspicious.Path][File] September.LNK -- C:\Users\susana\AppData\Roaming\Microsoft\Office\Recent\September.LNK [LNK@] C:\Users\susana\Desktop\PARKVI~1\Budget\2013\SEPTEM~1 -> DELETED
[Suspicious.Path][File] Unit Owner List of Names.LNK -- C:\Users\susana\AppData\Roaming\Microsoft\Office\Recent\Unit Owner List of Names.LNK [LNK@] C:\Users\susana\Desktop\PARKVI~1\UNITOW~1 -> DELETED
[Suspicious.Path][File] 101-2014 Assessment.lnk -- C:\Users\susana\AppData\Roaming\Microsoft\Windows\Recent\101-2014 Assessment.lnk [LNK@] C:\Users\susana\Desktop\PARKVI~1\INVOIC~1\2014\101-20~1.XLS -> DELETED
[Suspicious.Path][File] 102-2014 Assessment.lnk -- C:\Users\susana\AppData\Roaming\Microsoft\Windows\Recent\102-2014 Assessment.lnk [LNK@] C:\Users\susana\Desktop\PARKVI~1\INVOIC~1\2014\102-20~1.XLS -> DELETED
[Suspicious.Path][File] 201- 2014 Assessment.lnk -- C:\Users\susana\AppData\Roaming\Microsoft\Windows\Recent\201- 2014 Assessment.lnk [LNK@] C:\Users\susana\Desktop\PARKVI~1\INVOIC~1\2014\201-20~1.XLS -> DELETED
[Suspicious.Path][File] 2014.lnk -- C:\Users\susana\AppData\Roaming\Microsoft\Windows\Recent\2014.lnk [LNK@] C:\Users\susana\Desktop\PARKVI~1\INVOIC~1\2014 -> DELETED
[Suspicious.Path][File] 202- 2014 Assessment.lnk -- C:\Users\susana\AppData\Roaming\Microsoft\Windows\Recent\202- 2014 Assessment.lnk [LNK@] C:\Users\susana\Desktop\PARKVI~1\INVOIC~1\2014\202-20~1.XLS -> DELETED
[Suspicious.Path][File] 301- 2014 Assessment.lnk -- C:\Users\susana\AppData\Roaming\Microsoft\Windows\Recent\301- 2014 Assessment.lnk [LNK@] C:\Users\susana\Desktop\PARKVI~1\INVOIC~1\2014\301-20~1.XLS -> DELETED
[Suspicious.Path][File] 302- 2014 Assessment.lnk -- C:\Users\susana\AppData\Roaming\Microsoft\Windows\Recent\302- 2014 Assessment.lnk [LNK@] C:\Users\susana\Desktop\PARKVI~1\INVOIC~1\2014\302-20~1.XLS -> DELETED
[Suspicious.Path][File] 302-306 S. Lake Park Blvd_NC-SC_4.0_NAF_Renew.lnk -- C:\Users\susana\AppData\Roaming\Microsoft\Windows\Recent\302-306 S. Lake Park Blvd_NC-SC_4.0_NAF_Renew.lnk [LNK@] C:\Users\susana\Desktop\302-306 S. Lake Park Blvd_NC-SC_4.0_NAF_Renew.pdf -> DELETED
[Suspicious.Path][File] 5-8-2014 2;01;54 PM.lnk -- C:\Users\susana\AppData\Roaming\Microsoft\Windows\Recent\5-8-2014 2;01;54 PM.lnk [LNK@] C:\Users\susana\Desktop\5-8-2014 2;01;54 PM.jpg -> DELETED
[Suspicious.Path][File] 5-8-2014 2;03;28 PM.lnk -- C:\Users\susana\AppData\Roaming\Microsoft\Windows\Recent\5-8-2014 2;03;28 PM.lnk [LNK@] C:\Users\susana\Desktop\5-8-2014 2;03;28 PM.jpg -> DELETED
[Suspicious.Path][File] 5-8-2014 2;04;59 PM.lnk -- C:\Users\susana\AppData\Roaming\Microsoft\Windows\Recent\5-8-2014 2;04;59 PM.lnk [LNK@] C:\Users\susana\Desktop\5-8-2014 2;04;59 PM.jpg -> DELETED
[Suspicious.Path][File] 5-8-2014 2;07;12 PM.lnk -- C:\Users\susana\AppData\Roaming\Microsoft\Windows\Recent\5-8-2014 2;07;12 PM.lnk [LNK@] C:\Users\susana\Desktop\5-8-2014 2;07;12 PM.jpg -> DELETED
[Suspicious.Path][File] 5-8-2014 2;08;41 PM.lnk -- C:\Users\susana\AppData\Roaming\Microsoft\Windows\Recent\5-8-2014 2;08;41 PM.lnk [LNK@] C:\Users\susana\Desktop\5-8-2014 2;08;41 PM.jpg -> DELETED
[Suspicious.Path][File] 5-8-2014 2;10;20 PM.lnk -- C:\Users\susana\AppData\Roaming\Microsoft\Windows\Recent\5-8-2014 2;10;20 PM.lnk [LNK@] C:\Users\susana\Desktop\5-8-2014 2;10;20 PM.jpg -> DELETED
[Suspicious.Path][File] 5-8-2014 2;11;46 PM.lnk -- C:\Users\susana\AppData\Roaming\Microsoft\Windows\Recent\5-8-2014 2;11;46 PM.lnk [LNK@] C:\Users\susana\Desktop\5-8-2014 2;11;46 PM.jpg -> DELETED
[Suspicious.Path][File] 5-8-2014 2;13;11 PM.lnk -- C:\Users\susana\AppData\Roaming\Microsoft\Windows\Recent\5-8-2014 2;13;11 PM.lnk [LNK@] C:\Users\susana\Desktop\5-8-2014 2;13;11 PM.jpg -> DELETED
[Suspicious.Path][File] 5-8-2014 2;14;39 PM.lnk -- C:\Users\susana\AppData\Roaming\Microsoft\Windows\Recent\5-8-2014 2;14;39 PM.lnk [LNK@] C:\Users\susana\Desktop\5-8-2014 2;14;39 PM.jpg -> DELETED
[Suspicious.Path][File] 5-8-2014 2;16;09 PM.lnk -- C:\Users\susana\AppData\Roaming\Microsoft\Windows\Recent\5-8-2014 2;16;09 PM.lnk [LNK@] C:\Users\susana\Desktop\5-8-2014 2;16;09 PM.jpg -> DELETED
[Suspicious.Path][File] April.lnk -- C:\Users\susana\AppData\Roaming\Microsoft\Windows\Recent\April.lnk [LNK@] C:\Users\susana\Desktop\PARKVI~1\Budget\2014\April -> DELETED
[Suspicious.Path][File] Bank Statement for March 2014.lnk -- C:\Users\susana\AppData\Roaming\Microsoft\Windows\Recent\Bank Statement for March 2014.lnk [LNK@] C:\Users\susana\Desktop\Bank Statement for March 2014.pdf -> DELETED
[Suspicious.Path][File] HOA Budget Sheet_April2014.lnk -- C:\Users\susana\AppData\Roaming\Microsoft\Windows\Recent\HOA Budget Sheet_April2014.lnk [LNK@] C:\Users\susana\Desktop\PARKVI~1\Budget\2014\April\HOABUD~3.XLS -> DELETED
[Suspicious.Path][File] HOA Budget Sheet_May2014.lnk -- C:\Users\susana\AppData\Roaming\Microsoft\Windows\Recent\HOA Budget Sheet_May2014.lnk [LNK@] C:\Users\susana\Desktop\PARKVI~1\Budget\2014\May\HOABUD~1.XLS -> DELETED
[Suspicious.Path][File] HOA Budget%April2014.lnk -- C:\Users\susana\AppData\Roaming\Microsoft\Windows\Recent\HOA Budget%April2014.lnk [LNK@] C:\Users\susana\Desktop\PARKVI~1\Budget\2014\April\HOABUD~1.XLS -> DELETED
[Suspicious.Path][File] HOA Budget%May2014.lnk -- C:\Users\susana\AppData\Roaming\Microsoft\Windows\Recent\HOA Budget%May2014.lnk [LNK@] C:\Users\susana\Desktop\PARKVI~1\Budget\2014\May\HOABUD~2.XLS -> DELETED
[Suspicious.Path][File] imfpmncmbojnbdhnogcegojocabhpbnh.lnk -- C:\Users\susana\AppData\Roaming\Microsoft\Windows\Recent\imfpmncmbojnbdhnogcegojocabhpbnh.lnk [LNK@] C:\Users\susana\Desktop\imfpmncmbojnbdhnogcegojocabhpbnh.pdf -> DELETED
[Suspicious.Path][File] March.lnk -- C:\Users\susana\AppData\Roaming\Microsoft\Windows\Recent\March.lnk [LNK@] C:\Users\susana\Desktop\PARKVI~1\Budget\2014\March -> DELETED
[Suspicious.Path][File] May.lnk -- C:\Users\susana\AppData\Roaming\Microsoft\Windows\Recent\May.lnk [LNK@] C:\Users\susana\Desktop\PARKVI~1\Budget\2014\May -> DELETED
[Suspicious.Path][File] Parkview Villas HOA Tax Return 2013.lnk -- C:\Users\susana\AppData\Roaming\Microsoft\Windows\Recent\Parkview Villas HOA Tax Return 2013.lnk [LNK@] C:\Users\susana\Desktop\Parkview Villas HOA Tax Return 2013.pdf -> DELETED
[Rans.Crypto][File] Revo Uninstaller.lnk -- C:\Users\susana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller\Revo Uninstaller.lnk [LNK@] C:\Program Files\VS Revo Group\Revo Uninstaller\Revouninstaller.exe -> DELETED
[Rans.Crypto][File] Run Hunter Mode.lnk -- C:\Users\susana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller\Run Hunter Mode.lnk [LNK@] C:\Program Files\VS Revo Group\Revo Uninstaller\Revouninstaller.exe -hunter -> DELETED
[Suspicious.Path][File] Justin Humphries response letter re Rouen_Thompson 12-23-11 - Shortcut.lnk -- C:\Users\susana\Desktop\ParkView Villas HOA\Conference Meetings 2012\April 28th, 2012\Justin Humphries response letter re Rouen_Thompson 12-23-11 - Shortcut.lnk [LNK@] C:\Users\susana\Desktop\PARKVI~1\Attorney\JUSTIN~1.PDF -> DELETED
[Rans.Crypto][File] Revo Uninstaller.lnk -- C:\Users\susana\Desktop\Revo Uninstaller.lnk [LNK@] C:\Program Files\VS Revo Group\Revo Uninstaller\Revouninstaller.exe -> DELETED
[Suspicious.Path][File] Documents.lnk -- C:\Users\susana\Links\Documents.lnk [LNK@] C:\Users\susana\DOCUME~1 -> DELETED
[Suspicious.Path][File] Music.lnk -- C:\Users\susana\Links\Music.lnk [LNK@] C:\Users\susana\Music -> DELETED
[Suspicious.Path][File] Pictures.lnk -- C:\Users\susana\Links\Pictures.lnk [LNK@] C:\Users\susana\Pictures -> DELETED
[Suspicious.Path][File] Searches.lnk -- C:\Users\susana\Links\Searches.lnk [LNK@] C:\Users\susana\Searches -> DELETED

Logged
Reply #1June 04, 2014, 05:39:31 PM

Tigzy

  • Administrator
  • Hero Member
  • Offline
  • *****
  • 957
  • Reputation:
    91
  • Personal Text
    Owner, Adlice Software
    • View Profile
    • Adlice Software
Re: installed rogue killer
« Reply #1 on: June 04, 2014, 05:39:31 PM »
Hello
This look strange.
Looks like it removed some files starting in the Start menu folder :/

No problem they are still in quarantine. The problem is we don't have currently something to unquarantine them, this was supposed to come later.
I guess I'll start coding some tool for that.

Can you please run a scan with the debug version and post the report?
http://www.surlatoile.org/RogueKiller/RogueKiller_DEBUG.exe
« Last Edit: June 04, 2014, 05:41:36 PM by Tigzy »
Logged
Reply #2June 04, 2014, 06:13:13 PM

Tigzy

  • Administrator
  • Hero Member
  • Offline
  • *****
  • 957
  • Reputation:
    91
  • Personal Text
    Owner, Adlice Software
    • View Profile
    • Adlice Software
Re: installed rogue killer
« Reply #2 on: June 04, 2014, 06:13:13 PM »
Could you please also upload some .meta files that you will find in %programdata%/RogueKiller/Quarantine please?
Logged
Reply #3June 05, 2014, 09:48:31 AM

Tigzy

  • Administrator
  • Hero Member
  • Offline
  • *****
  • 957
  • Reputation:
    91
  • Personal Text
    Owner, Adlice Software
    • View Profile
    • Adlice Software
Re: installed rogue killer
« Reply #3 on: June 05, 2014, 09:48:31 AM »
If you're still here...
There's a program to restore all the files quarantined: http://www.surlatoile.org/RogueKiller/FixesRK/restorefiles.exe
Please tell me if it worked.
Logged
Pages: [1]
« previous next »