RogueKiller V7.0.2 [01/30/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/
Blog: http://tigzyrk.blogspot.com

Operating System: Windows Vista (6.0.6002 Service Pack 2) 32 bits version
Started in : Safe mode with network support
User: Wolfi [Admin rights]
Mode: Remove -- Date : 02/04/2012 18:18:33

¤¤¤ Bad processes: 2 ¤¤¤
[SUSP PATH] mbamext.dll -- C:\Users\Wolfi\Desktop\Malwarebytes' Anti-Malware\mbamext.dll -> UNLOADED
[SUSP PATH] system32CmdLineExt.dll -- C:\Windows\system32CmdLineExt.dll -> UNLOADED

¤¤¤ Registry Entries: 8 ¤¤¤
[PROXY IE] HKCU\[...]\Internet Settings : ProxyServer (hxxpwww-proxy.t-online.de:80;ftp=ftp-proxy.t-online.de:80) -> NOT REMOVED, USE PROXYFIX
[HJ] HKLM\[...]\System : EnableLUA (0) -> REPLACED (1)
[HJ] HKCU\[...]\Advanced : Start_ShowPrinters (0) -> REPLACED (1)
[HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
[HJ] HKCU\[...]\ClassicStartMenu : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)
[HJ] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)
[HJ] HKCU\[...]\ClassicStartMenu : {645FF040-5081-101B-9F08-00AA002F954E} (1) -> REPLACED (0)

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver: [NOT LOADED] ¤¤¤

¤¤¤ Infection :  ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
ÿþ1

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: SAMSUNG HD502IJ ATA Device +++++
--- User ---
[MBR] d5dc17348ca798b0fbd579e46a9db753
[BSP] 6f56f8412a9b55a2bd6660ca7635066c : Windows Vista MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 476936 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[2].txt >>
RKreport[1].txt ; RKreport[2].txt