RogueKiller V8.1.1 [10/03/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/
Website: http://tigzy.geekstogo.com/roguekiller.php
Blog: http://tigzyrk.blogspot.com

Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : vice [Admin rights]
Mode : Scan -- Date : 10/15/2012 05:51:33

¤¤¤ Bad processes : 5 ¤¤¤
[SUSP PATH] UpdateClient.exe -- C:\ProgramData\ActivePath\ActiveMail\UpdateClient.exe -> KILLED [TermProc]
[SUSP PATH] UpdateClient.exe -- C:\ProgramData\ActivePath\ActiveMail\UpdateClient.exe -> KILLED [TermProc]
[SVCHOST] svchost.exe -- \\.\globalroot\systemroot\svchost.exe -> KILLED [TermProc]
[RESIDUE] UpdateClient.exe -- C:\ProgramData\ActivePath\ActiveMail\UpdateClient.exe -> KILLED [TermProc]
[RESIDUE] UpdateClient.exe -- C:\ProgramData\ActivePath\ActiveMail\UpdateClient.exe -> KILLED [TermProc]

¤¤¤ Registry Entries : 0 ¤¤¤

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED] ¤¤¤

¤¤¤ Infection : Root.MBR ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> C:\windows\system32\drivers\etc\hosts

127.0.0.1       localhost127.0.0.1       localhost
127.0.0.1	www.007guard.com
127.0.0.1	007guard.com
127.0.0.1	008i.com
127.0.0.1	www.008k.com
127.0.0.1	008k.com
127.0.0.1	www.00hq.com
127.0.0.1	00hq.com
127.0.0.1	010402.com
127.0.0.1	www.032439.com
127.0.0.1	032439.com
127.0.0.1	www.0scan.com
127.0.0.1	0scan.com
127.0.0.1	www.1000gratisproben.com
127.0.0.1	1000gratisproben.com
127.0.0.1	1001namen.com
127.0.0.1	www.1001namen.com
127.0.0.1	100888290cs.com
127.0.0.1	www.100888290cs.com
127.0.0.1	www.100sexlinks.com
[...]


¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: TOSHIBA MK3265GSXN +++++
--- User ---
[MBR] 4bea93d34d9e49269add3a18835bcd14
[BSP] 132a6e70842b1cd2b5f212f0048c8e09 : Windows Vista MBR Code
Partition table:
0 - [ACTIVE] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 1500 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 3074048 | Size: 293184 Mo
2 - [XXXXXX] NTFS (0x17) [HIDDEN!] Offset (sectors): 603514880 | Size: 10560 Mo
User != LL1 ... KO!
--- LL1 ---
[MBR] efbfe2f699f5756e056cc9f7c0ce2c91
[BSP] 132a6e70842b1cd2b5f212f0048c8e09 : Windows Vista MBR Code
Partition table:
1 - [ACTIVE] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 1500 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 3074048 | Size: 293184 Mo
3 - [XXXXXX] NTFS (0x17) [HIDDEN!] Offset (sectors): 603514880 | Size: 10560 Mo
User != LL2 ... KO!
--- LL2 ---
[MBR] efbfe2f699f5756e056cc9f7c0ce2c91
[BSP] 132a6e70842b1cd2b5f212f0048c8e09 : Windows Vista MBR Code
Partition table:
1 - [ACTIVE] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 1500 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 3074048 | Size: 293184 Mo
3 - [XXXXXX] NTFS (0x17) [HIDDEN!] Offset (sectors): 603514880 | Size: 10560 Mo

Finished : << RKreport[13].txt >>
RKreport[10].txt ; RKreport[11].txt ; RKreport[12].txt ; RKreport[13].txt ; RKreport[1].txt ; 
RKreport[2].txt ; RKreport[3].txt ; RKreport[4].txt ; RKreport[5].txt ; RKreport[6].txt ; 
RKreport[7].txt ; RKreport[8].txt ; RKreport[9].txt