driverproblem4

1. RogueKiller V8.6.1 _x64_ [Jun 24 2013] by Tigzy
2. mail : tigzyRK<at>gmail<dot>com
3. Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/
4. Website : http://tigzy.geekstogo.com/roguekiller.php
5. Blog : http://tigzyrk.blogspot.com/
6.  
7. Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
8. Started in : Normal mode
9. User : Quicksilver [Admin rights]
10. Mode : Scan -- Date : 06/24/2013 19:16:24
11. | ARK || FAK || MBR |
12.  
13. ¤¤¤ Bad processes : 0 ¤¤¤
14.  
15. ¤¤¤ Registry Entries : 9 ¤¤¤
16. [HJ POL] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> FOUND
17. [HJ POL] HKLM\[...]\System : EnableLUA (0) -> FOUND
18. [HJ POL] HKLM\[...]\Wow6432Node\[...]\System : ConsentPromptBehaviorAdmin (0) -> FOUND
19. [HJ POL] HKLM\[...]\Wow6432Node\[...]\System : EnableLUA (0) -> FOUND
20. [HJ SMENU] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> FOUND
21. [HJ SMENU] HKCU\[...]\Advanced : Start_ShowHelp (0) -> FOUND
22. [HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
23. [HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
24. [EXT RUN][SUSP PATH] HKCU\Quicksilver_ON_E:\[...]\Run : Internet Security (C:\ProgramData\isecurity.exe [x]) -> FOUND
25.  
26. ¤¤¤ Scheduled tasks : 0 ¤¤¤
27.  
28. ¤¤¤ Startup Entries : 0 ¤¤¤
29.  
30. ¤¤¤ Web browsers : 3 ¤¤¤
31. [FF][PROXY] gcspxzfz.default : user_pref("network.proxy.hxxp", "91.214.228.129"); -> FOUND
32. [FF][PROXY] gcspxzfz.default : user_pref("network.proxy.hxxp_port", 8080); -> FOUND
33. [FF][PROXY] gcspxzfz.default : user_pref("network.proxy.type", 1); -> FOUND
34.  
35. ¤¤¤ Particular Files / Folders: ¤¤¤
36.  
37. ¤¤¤ Driver : [NOT LOADED] ¤¤¤
38.  
39. ¤¤¤ External Hives: ¤¤¤
40. -> D:\windows\system32\config\SYSTEM
41. C:\WINDOWS\system32
42. C:\Documents and Settings\Default User\Start Menu\Programs\Startup
43. -> D:\windows\system32\config\SOFTWARE
44. C:\WINDOWS\system32
45. C:\Documents and Settings\Default User\Start Menu\Programs\Startup
46. -> D:\windows\system32\config\SECURITY
47. C:\WINDOWS\system32
48. C:\Documents and Settings\Default User\Start Menu\Programs\Startup
49. -> D:\windows\system32\config\SAM
50. C:\WINDOWS\system32
51. C:\Documents and Settings\Default User\Start Menu\Programs\Startup
52. -> D:\windows\system32\config\DEFAULT
53. C:\WINDOWS\system32
54. C:\Documents and Settings\Default User\Start Menu\Programs\Startup
55. -> D:\Documents and Settings\Default User\NTUSER.DAT
56. C:\WINDOWS\system32
57. C:\Documents and Settings\Default User\Start Menu\Programs\Startup
58. -> D:\Documents and Settings\Greenwell\NTUSER.DAT
59. C:\WINDOWS\system32
60. C:\Documents and Settings\Greenwell\Start Menu\Programs\Startup
61. -> D:\Documents and Settings\LocalService\NTUSER.DAT
62. C:\WINDOWS\system32
63. C:\Documents and Settings\LocalService\Start Menu\Programs\Startup
64. -> D:\Documents and Settings\NetworkService\NTUSER.DAT
65. C:\WINDOWS\system32
66. C:\Documents and Settings\NetworkService\Start Menu\Programs\Startup
67. -> E:\windows\system32\config\SYSTEM
68. C:\Windows\system32
69. C:\Users\Quicksilver\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
70. -> E:\windows\system32\config\SOFTWARE
71. C:\Windows\system32
72. C:\Users\Quicksilver\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
73. -> E:\windows\system32\config\SECURITY
74. C:\Windows\system32
75. C:\Users\Quicksilver\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
76. -> E:\windows\system32\config\SAM
77. C:\Windows\system32
78. C:\Users\Quicksilver\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
79. -> E:\windows\system32\config\DEFAULT
80. C:\Windows\system32
81. C:\Users\Quicksilver\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
82. -> E:\Users\Default\NTUSER.DAT
83. C:\Windows\system32
84.  
85. -> E:\Users\Default User\NTUSER.DAT
86. C:\Windows\system32
87.  
88. -> E:\Users\Mcx1-QUICKSILVER-PC\NTUSER.DAT
89. C:\Windows\system32
90.  
91. -> E:\Users\Quicksilver\NTUSER.DAT
92. C:\Windows\system32
93. C:\Users\Quicksilver\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
94. -> E:\Users\UpdatusUser\NTUSER.DAT
95. C:\Windows\system32
96.  
97. -> E:\Documents and Settings\Default\NTUSER.DAT
98. C:\Windows\system32
99.  
100. -> E:\Documents and Settings\Default User\NTUSER.DAT
101. C:\Windows\system32
102.  
103. -> E:\Documents and Settings\Quicksilver\NTUSER.DAT
104. C:\Windows\system32
105.  
106.  
107. ¤¤¤ Infection : ¤¤¤
108.  
109. ¤¤¤ HOSTS File: ¤¤¤
110. --> %SystemRoot%\System32\drivers\etc\hosts
111.  
112.  
113.  
114.  
115. ¤¤¤ MBR Check: ¤¤¤
116.  
117. +++++ PhysicalDrive0: ST380815AS ATA Device +++++
118. --- User ---
119. [MBR] 2d46964890ad7503a0f1eed8dd4df7cd
120. [BSP] 9bb2bb6e4c97aa0f67cc3193552f1d7e : Windows XP MBR Code
121. Partition table:
122. 0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 76308 Mo
123. User = LL1 ... OK!
124. User = LL2 ... OK!
125.  
126. +++++ PhysicalDrive1: ST380815AS ATA Device +++++
127. --- User ---
128. [MBR] 9755295f168b8816beecd167ddc422e6
129. [BSP] 4d5945fc4d3cab867356966a6410c601 : Windows 7/8 MBR Code
130. Partition table:
131. 0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 953867 Mo
132. User = LL1 ... OK!
133. User = LL2 ... OK!
134.  
135. +++++ PhysicalDrive2: ST380815AS ATA Device +++++
136. --- User ---
137. [MBR] 0b08cbfcf9b3cd585f8ba070296fc474
138. [BSP] 947c2e6bd1f9dac91b1473b21baa6d35 : Windows 7/8 MBR Code
139. Partition table:
140. 0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
141. 1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 476838 Mo
142. User = LL1 ... OK!
143. User = LL2 ... OK!
144.  
145. Finished : << RKreport[0]_S_06242013_191624.txt >>