RogueKiller V6.2.4 [01/12/2012] by Tigzy mail: tigzyRKgmailcom Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/ Blog: http://tigzyrk.blogspot.com Operating System: Windows XP (5.1.2600 Service Pack 3) 32 bits version Started in : Normal mode User: Mary Kay [Admin rights] Mode: Remove -- Date : 01/29/2012 16:04:12 ¤¤¤ Bad processes: 0 ¤¤¤ ¤¤¤ Registry Entries: 4 ¤¤¤ [SUSP PATH] HKCU\[...]\Run : Security Protection (C:\Documents and Settings\All Users\Application Data\defender.exe) -> DELETED [PROXY IE] HKCU\[...]\Internet Settings : ProxyEnable (1) -> NOT REMOVED, USE PROXYFIX [PROXY IE] HKCU\[...]\Internet Settings : ProxyServer (hxxp127.0.0.1:5555) -> NOT REMOVED, USE PROXYFIX [DNS] HKLM\[...]\ControlSet003\Parameters\Interfaces\{42AAA1A2-A41E-4C6B-BC89-B07492D6ECB3} : NameServer (93.188.162.149,93.188.160.29) -> NOT REMOVED, USE DNSFIX ¤¤¤ Particular Files / Folders: ¤¤¤ [FOLDER] plugs : c:\documents and settings\mary kay\application data\adobe\plugs --> REMOVED [FILE] thr1.chm : c:\documents and settings\mary kay\application data\adobe\shed\thr1.chm --> REMOVED [FOLDER] shed : c:\documents and settings\mary kay\application data\adobe\shed --> REMOVED ¤¤¤ Driver: [LOADED] ¤¤¤ ¤¤¤ Infection : ¤¤¤ ¤¤¤ HOSTS File: ¤¤¤ 127.0.0.1 localhost ¤¤¤ MBR Check: ¤¤¤ +++++ PhysicalDrive0: +++++ --- User --- [MBR] 3dc4aaf7b36b9be8d1d1084187128be4 [BSP] b72667633f4c7c2babf1970635a88ab8 : MBR Code unknown Partition table: 0 - [XXXXXX] FAT16 [HIDDEN!] Offset (sectors): 63 | Size: 32 Mo 1 - [ACTIVE] NTFS [VISIBLE] Offset (sectors): 64260 | Size: 36553 Mo 2 - [XXXXXX] FAT32 [HIDDEN!] Offset (sectors): 71457120 | Size: 3405 Mo User = LL1 ... OK! User = LL2 ... OK! +++++ PhysicalDrive1: +++++ --- User --- [MBR] 7958267ce3edacd504a037c60a44c77d [BSP] 33a07a59d299ab4ea9f4ab0156f9d86f : Windows XP MBR Code Partition table: 0 - [XXXXXX] FAT16 [VISIBLE] Offset (sectors): 32 | Size: 1006 Mo User = LL1 ... OK! Error reading LL2 MBR! Finished : << RKreport[1].txt >> RKreport[1].txt