RogueKiller V10.8.2.0 [Jun 9 2015] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 7 (6.1.7600 ) 64 bits version
Started in : Normal mode
User : Steven [Administrator]
Started from : C:\Users\Steven.Steven-PC\Desktop\RogueKiller.exe
Mode : Scan -- Date : 06/14/2015 08:25:25

¤¤¤ Processes : 1 ¤¤¤
[Suspicious.Path] DellSystemDetect.exe(3660) -- C:\Users\Steven.Steven-PC\AppData\Local\Apps\2.0\ZTHCPYXZ.HDR\GCG5ADT7.AY7\dell..tion_0f612f649c4a10af_0005.0008_a4204ff54ae5d3ac\DellSystemDetect.exe[-] -> Killed [TermProc]

¤¤¤ Registry : 8 ¤¤¤
[Suspicious.Path] (X64) HKEY_USERS\S-1-5-21-4029747782-3714501738-2995947912-1000\Software\Microsoft\Windows\CurrentVersion\Run | DellSystemDetect : C:\Users\Steven.Steven-PC\AppData\Local\Apps\2.0\ZTHCPYXZ.HDR\GCG5ADT7.AY7\dell..tion_0f612f649c4a10af_0005.0008_a4204ff54ae5d3ac\DellSystemDetect.exe [-] -> Found
[Suspicious.Path] (X86) HKEY_USERS\S-1-5-21-4029747782-3714501738-2995947912-1000\Software\Microsoft\Windows\CurrentVersion\Run | DellSystemDetect : C:\Users\Steven.Steven-PC\AppData\Local\Apps\2.0\ZTHCPYXZ.HDR\GCG5ADT7.AY7\dell..tion_0f612f649c4a10af_0005.0008_a4204ff54ae5d3ac\DellSystemDetect.exe [-] -> Found
[Suspicious.Path] (X64) HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce | {91120000-002F-0000-0000-0000000FF1CE} : C:\Windows\system32\cmd.exe /C del "C:\ProgramData\Microsoft Help\Rgstrtn.lck" /Q /A:H [7][x][x][x][x][x] -> Found
[Suspicious.Path] (X86) HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce | {91120000-002F-0000-0000-0000000FF1CE} : C:\Windows\system32\cmd.exe /C del "C:\ProgramData\Microsoft Help\Rgstrtn.lck" /Q /A:H [7][x][x][x][x][x] -> Found
[Suspicious.Path] (X64) HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce | {91120000-002F-0000-0000-0000000FF1CE} : C:\Windows\system32\cmd.exe /C del "C:\ProgramData\Microsoft Help\Rgstrtn.lck" /Q /A:H [7][x][x][x][x][x] -> Found
[Suspicious.Path] (X86) HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce | {91120000-002F-0000-0000-0000000FF1CE} : C:\Windows\system32\cmd.exe /C del "C:\ProgramData\Microsoft Help\Rgstrtn.lck" /Q /A:H [7][x][x][x][x][x] -> Found
[PUM.Policies] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0 -> Found
[PUM.Policies] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0 -> Found

¤¤¤ Tasks : 0 ¤¤¤

¤¤¤ Files : 0 ¤¤¤

¤¤¤ Hosts File : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Not loaded [0xc000036b]) ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: +++++
--- User ---
[MBR] 3b7e668c2d6cead6139382d4b580ad99
[BSP] 30da46d5d652c93986dfae5aa45716de : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 953767 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive1: +++++
Error reading User MBR! NOT VALID!
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! NOT VALID!

+++++ PhysicalDrive2: +++++
--- User ---
[MBR] 151b4a916f490d995dc10986cfb65163
[BSP] ec038f3ca5091360f60d743d6f1c7fdb : Legit.Unknown MBR Code
Partition table:
0 - [XXXXXX] FAT32 (0xb) [VISIBLE] Offset (sectors): 1032 | Size: 3851 MB
User = LL1 ... OK
Error reading LL2 MBR! ([32] The request is not supported. )

+++++ PhysicalDrive3: +++++
Error reading User MBR! ([15] The device is not ready. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] The request is not supported. )

+++++ PhysicalDrive4: +++++
Error reading User MBR! ([15] The device is not ready. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] The request is not supported. )

+++++ PhysicalDrive5: +++++
Error reading User MBR! ([15] The device is not ready. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] The request is not supported. )

+++++ PhysicalDrive6: +++++
Error reading User MBR! ([15] The device is not ready. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] The request is not supported. )

============================================
RKreport_SCN_06142015_073652.log - RKreport_SCN_06142015_075215.log - RKreport_SCN_06142015_080350.log