RogueKiller V7.3.1 [03/10/2012] by Tigzy mail: tigzyRKgmailcom Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/ Blog: http://tigzyrk.blogspot.com Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version Started in : Safe mode with network support User: toni rucosky [Admin rights] Mode: Remove -- Date: 03/12/2012 18:08:09 ¤¤¤ Bad processes: 0 ¤¤¤ ¤¤¤ Registry Entries: 18 ¤¤¤ [SUSP PATH] HKCU\[...]\Run : gWLwiaDlyb.exe (C:\ProgramData\gWLwiaDlyb.exe) -> DELETED [WallPP] HKCU\[...]\Desktop : Wallpaper () -> REPLACED (C:\Users\toni rucosky\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg) [HJ] HKCU\[...]\Advanced : Start_ShowMyDocs (0) -> REPLACED (1) [HJ] HKCU\[...]\Advanced : Start_ShowRecentDocs (0) -> REPLACED (1) [HJ] HKCU\[...]\Advanced : Start_ShowUser (0) -> REPLACED (1) [HJ] HKCU\[...]\Advanced : Start_ShowMyPics (0) -> REPLACED (1) [HJ] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> REPLACED (1) [HJ] HKCU\[...]\Advanced : Start_ShowMyMusic (0) -> REPLACED (1) [HJ] HKCU\[...]\Advanced : Start_ShowControlPanel (0) -> REPLACED (1) [HJ] HKCU\[...]\Advanced : Start_ShowHelp (0) -> REPLACED (1) [HJ] HKCU\[...]\Advanced : Start_ShowPrinters (0) -> REPLACED (1) [HJ] HKCU\[...]\Advanced : Start_ShowRun (0) -> REPLACED (1) [HJ] HKCU\[...]\Advanced : Start_ShowSetProgramAccessAndDefaults (0) -> REPLACED (1) [HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0) [HJ] HKCU\[...]\ClassicStartMenu : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0) [HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0) [HJ] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0) [HJ] HKCU\[...]\ClassicStartMenu : {645FF040-5081-101B-9F08-00AA002F954E} (1) -> REPLACED (0) ¤¤¤ Particular Files / Folders: ¤¤¤ ¤¤¤ Driver: [NOT LOADED] ¤¤¤ ¤¤¤ Infection : ¤¤¤ ¤¤¤ HOSTS File: ¤¤¤ ¤¤¤ MBR Check: ¤¤¤ +++++ PhysicalDrive0: Hitachi HTS545032B9A300 ATA Device +++++ --- User --- [MBR] 072f44f8d548fc7b0b2f5fd8ec546327 [BSP] c1c4bf4f26c84138b0000f706076ae20 : Windows Vista/7 MBR Code Partition table: 0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 199 Mo 1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 409600 | Size: 292632 Mo 2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 599719936 | Size: 12412 Mo User = LL1 ... OK! User = LL2 ... OK! +++++ PhysicalDrive1: Sony Storage Media USB Device +++++ --- User --- [MBR] 1149ebb9ec71799bf40aa5a71b536f9d [BSP] 33a07a59d299ab4ea9f4ab0156f9d86f : Windows XP MBR Code Partition table: 0 - [XXXXXX] FAT16 (0x04) [VISIBLE] Offset (sectors): 32 | Size: 495 Mo User = LL1 ... OK! Error reading LL2 MBR! Finished : << RKreport[2].txt >> RKreport[1].txt ; RKreport[2].txt