RogueKiller V8.4.2 [Jan 6 2013] by Tigzy
mail : tigzyRKgmailcom
Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/
Website : http://tigzy.geekstogo.com/roguekiller.php
Blog : http://tigzyrk.blogspot.com/

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : user [Admin rights]
Mode : Scan -- Date : 02/02/2013 02:21:58

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 6 ¤¤¤
[TASK][ROGUE ST] 0 : c:\program files (x86)\internet explorer\iexplore.exe -> FOUND
[TASK][ROGUE ST] 4628 : wscript.exe C:\Users\user\AppData\Local\Temp\launchie.vbs //B -> FOUND
[PROXY IE] HKCU\[...]\Internet Settings : ProxyServer (hxxp=127.0.0.1:49515) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
[HJ INPROC][ZeroAccess] HKCR\[...]\InprocServer32 : (C:\Users\user\AppData\Local\{c60d1430-734f-fd1d-2598-d70c97516b7c}\n.) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED] ¤¤¤

¤¤¤ Infection : ZeroAccess ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts
[...]

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: WDC WD5000BEVT-22A0RT0 +++++
--- User ---
[MBR] 4e8e69a77f747ce923ff2dde0c8b4cb2
[BSP] 48c98a6bca4ddf68176a47ae92143628 : Windows Vista MBR Code
Partition table:
0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 12000 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 24578048 | Size: 100 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 24782848 | Size: 464838 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: LaCie iamaKey USB Device +++++
--- User ---
[MBR] 2946a9cc5da205995baa07cc22787454
[BSP] 9f05f5fe418fbd4c842ce60a50410a92 : MBR Code unknown
Partition table:
0 - [XXXXXX] UNKNOWN (0x68) [VISIBLE] Offset (sectors): 1936028272 | Size: 904228 Mo
1 - [XXXXXX] UNKNOWN (0x79) [VISIBLE] Offset (sectors): 1330184192 | Size: 263172 Mo
2 - [XXXXXX] DISKMNG (0x53) [VISIBLE] Offset (sectors): 538989391 | Size: 682794 Mo
3 - [XXXXXX] UNKNOWN (0x49) [VISIBLE] Offset (sectors): 1394627663 | Size: 10 Mo
User = LL1 ... OK!
Error reading LL2 MBR!

Finished : << RKreport[1]_S_02022013_02d0221.txt >>
RKreport[1]_S_02022013_02d0221.txt