RogueKiller V9.2.13.0 (x64) [Sep 25 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 8.1 (6.3.9200 ) 64 bits version
Started in : Normal mode
User : AxDsan [Admin rights]
Mode : Remove -- Date : 09/25/2014 23:08:30

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 3 ¤¤¤
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\VBCoreNT.0 (\SystemRoot\System32\Filt\tmp\8s89qcmg.vbt) -> ERROR [5]
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\VBCoreNT.0 (\SystemRoot\System32\Filt\tmp\8s89qcmg.vbt) -> ERROR [5]
[Tr.Poweliks] (X64) HKEY_USERS\S-1-5-21-3858576538-1800357988-639096320-1001\Software\classes\clsid\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5} -> DELETED

¤¤¤ Scheduled tasks : 0 ¤¤¤

¤¤¤ Files : 0 ¤¤¤

¤¤¤ HOSTS File : 0 ¤¤¤

¤¤¤ Antirootkit : 18 (Driver: LOADED) ¤¤¤
[EAT:Addr] (explorer.exe) sfc.dll - BeginFileMapEnumeration : C:\Windows\System32\sfc_os.dll @ 0x7ffa1e9b59e8
[EAT:Addr] (explorer.exe) sfc.dll - CloseFileMapEnumeration : C:\Windows\System32\sfc_os.dll @ 0x7ffa1e9b5a50
[EAT:Addr] (explorer.exe) sfc.dll - GetNextFileMapContent : C:\Windows\System32\sfc_os.dll @ 0x7ffa1e9b5a9c
[EAT:Addr] (explorer.exe) sfc.dll - SRSetRestorePointA : C:\Windows\System32\sfc_os.dll @ 0x7ffa1e9b5c10
[EAT:Addr] (explorer.exe) sfc.dll - SRSetRestorePointW : C:\Windows\System32\sfc_os.dll @ 0x7ffa1e9b5cd0
[EAT:Addr] (explorer.exe) sfc.dll - SfcClose : C:\Windows\System32\sfc_os.dll @ 0x7ffa1e9b2784
[EAT:Addr] (explorer.exe) sfc.dll - SfcConnectToServer : C:\Windows\System32\sfc_os.dll @ 0x7ffa1e9b3820
[EAT:Addr] (explorer.exe) sfc.dll - SfcFileException : C:\Windows\System32\sfc_os.dll @ 0x7ffa1e9b3820
[EAT:Addr] (explorer.exe) sfc.dll - SfcGetNextProtectedFile : C:\Windows\System32\sfc_os.dll @ 0x7ffa1e9b5b58
[EAT:Addr] (explorer.exe) sfc.dll - SfcInitProt : C:\Windows\System32\sfc_os.dll @ 0x7ffa1e9b5d84
[EAT:Addr] (explorer.exe) sfc.dll - SfcInitiateScan : C:\Windows\System32\sfc_os.dll @ 0x7ffa1e9b3820
[EAT:Addr] (explorer.exe) sfc.dll - SfcInstallProtectedFiles : C:\Windows\System32\sfc_os.dll @ 0x7ffa1e9b3820
[EAT:Addr] (explorer.exe) sfc.dll - SfcIsFileProtected : C:\Windows\System32\sfc_os.dll @ 0x7ffa1e9b14c0
[EAT:Addr] (explorer.exe) sfc.dll - SfcIsKeyProtected : C:\Windows\System32\sfc_os.dll @ 0x7ffa1e9b3830
[EAT:Addr] (explorer.exe) sfc.dll - SfcTerminateWatcherThread : C:\Windows\System32\sfc_os.dll @ 0x7ffa1e9b2784
[EAT:Addr] (explorer.exe) sfc.dll - SfpDeleteCatalog : C:\Windows\System32\sfc_os.dll @ 0x7ffa1e9b5d84
[EAT:Addr] (explorer.exe) sfc.dll - SfpInstallCatalog : C:\Windows\System32\sfc_os.dll @ 0x7ffa1e9b5d84
[EAT:Addr] (explorer.exe) sfc.dll - SfpVerifyFile : C:\Windows\System32\sfc_os.dll @ 0x7ffa1e9b5d90

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: ST3250312AS +++++
--- User ---
[MBR] 5915d67d54836eb3cd8049d5b579dd47
[BSP] 2b314a8febe1ae0cace4d4f9c333368b : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 350 MB
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 718848 | Size: 238123 MB
User = LL1 ... OK
User = LL2 ... OK

============================================
RKreport_DEL_09242014_163336.log - RKreport_SCN_09242014_163031.log - RKreport_SCN_09252014_230732.log