RogueKiller V8.4.2 [Dec 31 2012] by Tigzy
mail : tigzyRKgmailcom
Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/
Website : http://tigzy.geekstogo.com/roguekiller.php
Blog : http://tigzyrk.blogspot.com/

Operating System : Windows Vista (6.0.6002 Service Pack 2) 32 bits version
Started in : Normal mode
User : Magda [Admin rights]
Mode : Scan -- Date : 01/03/2013 15:13:18

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 0 ¤¤¤

¤¤¤ Particular Files / Folders: ¤¤¤
[ZeroAccess][FILE] @ : C:\Windows\Installer\{ab23f06a-9f47-3177-2cd8-3f0b1c2a9e15}\@ --> FOUND
[ZeroAccess][FOLDER] U : C:\Windows\Installer\{ab23f06a-9f47-3177-2cd8-3f0b1c2a9e15}\U --> FOUND
[ZeroAccess][FOLDER] U : C:\Users\Magda\AppData\Local\{ab23f06a-9f47-3177-2cd8-3f0b1c2a9e15}\U --> FOUND
[ZeroAccess][FOLDER] L : C:\Windows\Installer\{ab23f06a-9f47-3177-2cd8-3f0b1c2a9e15}\L --> FOUND
[ZeroAccess][FOLDER] L : C:\Users\Magda\AppData\Local\{ab23f06a-9f47-3177-2cd8-3f0b1c2a9e15}\L --> FOUND
[Susp.ASLR|Sig - ZeroAccess][FILE] services.exe : C:\Windows\system32\services.exe --> FOUND

¤¤¤ Driver : [LOADED] ¤¤¤

¤¤¤ Infection : ZeroAccess ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts

127.0.0.1 localhost
::1 localhost

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: WDC WD3200BEKT-22KA9T0 ATA Device +++++
--- User ---
[MBR] d4187c3fb6dd5a1f0c40d04b6b9711a8
[BSP] 40ab523c93e9b41b581f4f079fb2cd7b : Windows Vista MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 160524 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 328755200 | Size: 104718 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 543217664 | Size: 40000 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[1]_S_01032013_02d1513.txt >>
RKreport[1]_S_01032013_02d1513.txt