RogueKiller V8.5.2 [Feb 23 2013] by Tigzy mail : tigzyRKgmailcom Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/ Website : http://tigzy.geekstogo.com/roguekiller.php Blog : http://tigzyrk.blogspot.com/ Operating System : Windows XP (5.1.2600 Service Pack 3) 32 bits version Started in : Normal mode User : FREDA [Admin rights] Mode : Scan -- Date : 02/26/2013 17:26:44 | ARK || FAK || MBR | ¤¤¤ Bad processes : 0 ¤¤¤ ¤¤¤ Registry Entries : 3 ¤¤¤ [TASK][SUSP PATH] ROC_REG_JAN_DELETE.job : C:\Documents and Settings\All Users\Application Data\AVG January 2013 Campaign\ROC.exe /DELETE_FROM_SYSTEM=1 [7] -> FOUND [TASK][SUSP PATH] ROC_REG_JAN.job : C:\Documents and Settings\All Users\Application Data\AVG January 2013 Campaign\ROC.exe /TASK_REGISTER [7] -> FOUND [HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND ¤¤¤ Particular Files / Folders: ¤¤¤ ¤¤¤ Driver : [LOADED] ¤¤¤ ¤¤¤ HOSTS File: ¤¤¤ --> C:\WINDOWS\system32\drivers\etc\hosts 127.0.0.1 localhost 127.0.0.1 -h-n7y15mc.firoli-sys.com 127.0.0.1 007guard.com 127.0.0.1 www.007guard.com 127.0.0.1 008i.com 127.0.0.1 008k.com 127.0.0.1 www.008k.com 127.0.0.1 00hq.com 127.0.0.1 www.00hq.com 127.0.0.1 010402.com 127.0.0.1 032439.com 127.0.0.1 www.032439.com 127.0.0.1 0scan.com 127.0.0.1 www.0scan.com 127.0.0.1 1-2005-search.com 127.0.0.1 www.1-2005-search.com 127.0.0.1 1-domains-registrations.com 127.0.0.1 www.1-domains-registrations.com 127.0.0.1 1000gratisproben.com 127.0.0.1 www.1000gratisproben.com [...] ¤¤¤ MBR Check: ¤¤¤ +++++ PhysicalDrive0: SAMSUNG HD502IJ +++++ --- User --- [MBR] 45ddf30012c31eff4afde8a7c45e2bee [BSP] 57ebeff2313f991a6fe753b171cc7198 : Windows Vista MBR Code Partition table: 0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 39 Mo 1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 81920 | Size: 476899 Mo User = LL1 ... OK! User = LL2 ... OK! Finished : << RKreport[1]_S_02262013_02d1726.txt >> RKreport[1]_S_02262013_02d1726.txt