RogueKiller V8.8.4 [Jan 27 2014] by Tigzy mail : tigzyRKgmailcom Feedback : http://www.adlice.com/forum/ Website : http://www.adlice.com/softwares/roguekiller/ Blog : http://www.adlice.com Operating System : Windows Vista (6.0.6002 Service Pack 2) 32 bits version Started in : Normal mode User : DADDY-O [Admin rights] Mode : Scan -- Date : 01/29/2014 15:58:07 | ARK || FAK || MBR | ¤¤¤ Bad processes : 0 ¤¤¤ ¤¤¤ Registry Entries : 8 ¤¤¤ [HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> FOUND [HJ POL][PUM] HKLM\[...]\System : DisableRegistryTools (0) -> FOUND [HJ POL][PUM] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> FOUND [HJ POL][PUM] HKLM\[...]\System : EnableLUA (0) -> FOUND [HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowPrinters (0) -> FOUND [HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowSetProgramAccessAndDefaults (0) -> FOUND [HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND [HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND ¤¤¤ Scheduled tasks : 0 ¤¤¤ ¤¤¤ Startup Entries : 0 ¤¤¤ ¤¤¤ Web browsers : 0 ¤¤¤ ¤¤¤ Browser Addons : 0 ¤¤¤ ¤¤¤ Particular Files / Folders: ¤¤¤ ¤¤¤ Driver : [LOADED] ¤¤¤ [Inline] EAT @firefox.exe (?UndefinedHandleValue@JS@@3V?$Handle@VValue@JS@@@1@B) : mozjs.dll -> HOOKED (C:\Program Files\Mozilla Firefox\freebl3.dll @ 0x64B804B1) [Inline] EAT @firefox.exe (?singleton@CrossCompartmentWrapper@js@@2V12@A) : mozjs.dll -> HOOKED (Unknown @ 0x4CB7C9CC) [Inline] EAT @firefox.exe (?singleton@Wrapper@js@@2V12@A) : mozjs.dll -> HOOKED (C:\Program Files\Mozilla Firefox\freebl3.dll @ 0x64B7CEDC) [Inline] EAT @firefox.exe (?singletonWithPrototype@Wrapper@js@@2V12@A) : mozjs.dll -> HOOKED (Unknown @ 0x65B7CEF0) ¤¤¤ External Hives: ¤¤¤ ¤¤¤ Infection : ¤¤¤ ¤¤¤ HOSTS File: ¤¤¤ --> %SystemRoot%\System32\drivers\etc\hosts 127.0.0.1 localhost ¤¤¤ MBR Check: ¤¤¤ +++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) ST380013AS ATA Device +++++ --- User --- [MBR] b8ef185b4bfceef034caf202aea5fef8 [BSP] 25217f1d834d2d2bc0688fdcf1799a76 : Windows Vista MBR Code Partition table: 0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 76291 Mo User = LL1 ... OK! User = LL2 ... OK! +++++ PhysicalDrive1: (\\.\PHYSICALDRIVE1 @ IDE) WDC WD7501AALS-00J7B0 ATA Device +++++ --- User --- [MBR] 3fc3e31a3e146728ec1404decde90011 [BSP] b47d86afc80c5f1c919cf945f883ca51 : Windows Vista MBR Code Partition table: 0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 199996 Mo 1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 409593856 | Size: 250000 Mo 2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 921593856 | Size: 265406 Mo User = LL1 ... OK! User = LL2 ... OK! Finished : << RKreport[0]_S_01292014_155807.txt >>