RogueKiller V7.6.6 [08/10/2012] by Tigzy
mail: tigzyRKgmailcom
Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/
Blog: http://tigzyrk.blogspot.com

Operating System: Windows Vista (6.0.6001 Service Pack 1) 32 bits version
Started in : Normal mode
User: Danial [Admin rights]
Mode: Scan -- Date: 08/26/2012 02:24:00

¤¤¤ Bad processes: 1 ¤¤¤
[WINDOW : Live Security Platinum] 036DFF98028B22B915C04EB96C44B161.exe -- C:\ProgramData\036DFF98028B22B915C04EB96C44B161\036DFF98028B22B915C04EB96C44B161.exe -> KILLED [TermProc]

¤¤¤ Registry Entries: 11 ¤¤¤
[SUSP PATH] HKCU\[...]\RunOnce : 036DFF98028B22B915C04EB96C44B161 (C:\ProgramData\036DFF98028B22B915C04EB96C44B161\036DFF98028B22B915C04EB96C44B161.exe) -> FOUND
[SUSP PATH] HKUS\S-1-5-21-424710027-3257723918-3237088834-1008[...]\RunOnce : 036DFF98028B22B915C04EB96C44B161 (C:\ProgramData\036DFF98028B22B915C04EB96C44B161\036DFF98028B22B915C04EB96C44B161.exe) -> FOUND
[PROXY IE] HKCU\[...]\Internet Settings : ProxyServer (10.10.10.1:808) -> FOUND
[HJ] HKLM\[...]\System : EnableLUA (0) -> FOUND
[HJ] HKLM\[...]\Security Center : AntiVirusDisableNotify (1) -> FOUND
[HJ] HKLM\[...]\Security Center : FirewallDisableNotify (1) -> FOUND
[HJ] HKLM\[...]\Security Center : UpdatesDisableNotify (1) -> FOUND
[HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
[HJ] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
[HJ] HKCU\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver: [LOADED] ¤¤¤

¤¤¤ Infection : Rogue.AntiSpy-ST ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
127.0.0.1 localhost

¤¤¤ MBR Check: ¤¤¤
+++++ PhysicalDrive0: ST9160821AS +++++
--- User ---
[MBR] fa9dc86aed4f70b0c0eee326f650a110
[BSP] 202ce3c1bd9b8e65f31caf3d8756214a : HP tatooed MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 141823 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 290455200 | Size: 10801 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[1].txt >>
RKreport[1].txt