RogueKiller

1. RogueKiller V8.8.15 [Mar 27 2014] by Adlice Software
2. mail : http://www.adlice.com/contact/
3. Feedback : http://forum.adlice.com
4. Website : http://www.adlice.com/softwares/roguekiller/
5. Blog : http://www.adlice.com
6.  
7. Operating System : Windows Vista (6.0.6002 Service Pack 2) 32 bits version
8. Started in : Normal mode
9. User : Jeri [Admin rights]
10. Mode : Scan -- Date : 04/23/2014 21:57:09
11. | ARK || FAK || MBR |
12.  
13. ¤¤¤ Bad processes : 0 ¤¤¤
14.  
15. ¤¤¤ Registry Entries : 5 ¤¤¤
16. [HJ POL][PUM] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> FOUND
17. [HJ POL][PUM] HKLM\[...]\System : ConsentPromptBehaviorUser (0) -> FOUND
18. [HJ POL][PUM] HKLM\[...]\System : EnableLUA (0) -> FOUND
19. [HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
20. [HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
21.  
22. ¤¤¤ Scheduled tasks : 0 ¤¤¤
23.  
24. ¤¤¤ Startup Entries : 0 ¤¤¤
25.  
26. ¤¤¤ Web browsers : 0 ¤¤¤
27.  
28. ¤¤¤ Browser Addons : 0 ¤¤¤
29.  
30. ¤¤¤ Particular Files / Folders: ¤¤¤
31.  
32. ¤¤¤ Driver : [LOADED] ¤¤¤
33.  
34. ¤¤¤ External Hives: ¤¤¤
35. -> D:\windows\system32\config\SYSTEM | DRVINFO [Drv - D:] | SYSTEMINFO [Sys - x:] [Sys32 - FOUND] | USERINFO [Startup - NOT_FOUND]
36. -> D:\windows\system32\config\SOFTWARE | DRVINFO [Drv - D:] | SYSTEMINFO [Sys - x:] [Sys32 - FOUND] | USERINFO [Startup - NOT_FOUND]
37. -> D:\windows\system32\config\SECURITY | DRVINFO [Drv - D:] | SYSTEMINFO [Sys - x:] [Sys32 - FOUND] | USERINFO [Startup - NOT_FOUND]
38. -> D:\Users\Default\NTUSER.DAT | DRVINFO [Drv - D:] | SYSTEMINFO [Sys - x:] [Sys32 - FOUND] | USERINFO [Startup - NOT_FOUND]
39.  
40. ¤¤¤ Infection : ¤¤¤
41.  
42. ¤¤¤ HOSTS File: ¤¤¤
43. --> %SystemRoot%\System32\drivers\etc\hosts
44.  
45.  
46. 127.0.0.1 localhost
47. ::1 localhost
48.  
49.  
50. ¤¤¤ MBR Check: ¤¤¤
51.  
52. +++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) Hitachi HDP725050GLA360 ATA Device +++++
53. --- User ---
54. [MBR] ca6002ba82b20997bc29482bcf82d541
55. [BSP] bdf99326810b3ea5b3c85f61013cb3ba : Windows Vista MBR Code
56. Partition table:
57. 0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 54 MB
58. 1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 112640 | Size: 15360 MB
59. 2 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 31569920 | Size: 461524 MB
60. User = LL1 ... OK!
61. User = LL2 ... OK!
62.  
63. +++++ PhysicalDrive1: (\\.\PHYSICALDRIVE1 @ USB) TEAC USB HS-CF Card USB Device +++++
64. Error reading User MBR! ([0x15] The device is not ready. )
65. User = LL1 ... OK!
66. Error reading LL2 MBR! ([0x32] The request is not supported. )
67.  
68. +++++ PhysicalDrive2: (\\.\PHYSICALDRIVE2 @ USB) TEAC USB HS-xD/SM USB Device +++++
69. Error reading User MBR! ([0x15] The device is not ready. )
70. User = LL1 ... OK!
71. Error reading LL2 MBR! ([0x32] The request is not supported. )
72.  
73. +++++ PhysicalDrive3: (\\.\PHYSICALDRIVE3 @ USB) TEAC USB HS-MS Card USB Device +++++
74. Error reading User MBR! ([0x15] The device is not ready. )
75. User = LL1 ... OK!
76. Error reading LL2 MBR! ([0x32] The request is not supported. )
77.  
78. +++++ PhysicalDrive4: (\\.\PHYSICALDRIVE4 @ USB) TEAC USB HS-SD Card USB Device +++++
79. Error reading User MBR! ([0x15] The device is not ready. )
80. User = LL1 ... OK!
81. Error reading LL2 MBR! ([0x32] The request is not supported. )
82.  
83. Finished : << RKreport[0]_S_04232014_215709.txt >>