HJPOL Registry, Malware and RK Log...

Discussion in 'Malware Help (A Specialist Will Reply)' started by wrtigo, Oct 6, 2013.

  1. wrtigo

    wrtigo Private E-2

    Hello All,

    I am running on Windows XP. RogueKiller program report shows the following HJPOL key type. Log posted below along with an AdwCleaner Report log. They look different. I have not deleted or quarantined, so we can work from there. Thank you for your help.

    key type: HJPOL
    global: HKLM
    Key: SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System
    value: DisableRegistryTools
    Data: 0


    RogueKiller V8.5.2 [Feb 23 2013] by Tigzy
    mail : tigzyRK<at>gmail<dot>com
    Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/
    Website : http://tigzy.geekstogo.com/roguekiller.php
    Blog : http://tigzyrk.blogspot.com/

    Operating System : Windows XP (5.1.2600 Service Pack 3) 32 bits version
    Started in : Normal mode
    User : Admin [Admin rights]
    Mode : Scan -- Date : 10/05/2013 16:08:17
    | ARK || FAK || MBR |

    ¤¤¤ Bad processes : 0 ¤¤¤

    ¤¤¤ Registry Entries : 1 ¤¤¤
    [HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> FOUND

    ¤¤¤ Particular Files / Folders: ¤¤¤

    ¤¤¤ Driver : [LOADED] ¤¤¤

    ¤¤¤ HOSTS File: ¤¤¤
    --> C:\WINDOWS\system32\drivers\etc\hosts

    127.0.0.1 localhost

    ¤¤¤ MBR Check: ¤¤¤

    +++++ PhysicalDrive0: WDC WD400BB-75DEA0 +++++
    --- User ---
    [MBR] 3a4b055ac942a9f30e2a459eabdf1f76
    [BSP] d8530313a4a7d15b2a7fcbe346dffeff : Windows XP MBR Code
    Partition table:
    0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 38146 Mo
    User = LL1 ... OK!
    User = LL2 ... OK!

    Finished : << RKreport[5]_S_10052013_02d1608.txt >>



    =========================

    # AdwCleaner v3.006 - Report created 05/10/2013 at 17:16:55
    # Updated 01/10/2013 by Xplode
    # Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
    # Username : Admin - R1
    # Running from : C:\Documents and Settings\Admin\My Documents\Downloads\adwcleaner.exe
    # Option : Scan

    ***** [ Services ] *****

    ***** [ Files / Folders ] *****

    ***** [ Shortcuts ] *****

    ***** [ Registry ] *****

    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}

    ***** [ Browsers ] *****

    -\\ Internet Explorer v8.0.6001.18702

    -\\ Mozilla Firefox v19.0.2 (en-US)

    [ File : C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\xzk36lty.default-1362958483423\prefs.js ]

    *************************

    AdwCleaner[R0].txt - [922 octets] - [05/10/2013 17:16:55]

    ########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [981 octets] ##########
     
  2. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

