RogueKiller V9.2.12.0 (x64) [Sep 23 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 8.1 (6.3.9200 ) 64 bits version
Started in : Normal mode
User : AxDsan [Admin rights]
Mode : Scan -- Date : 09/24/2014 16:30:31

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 10 ¤¤¤
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\KIKIDRIVER (\??\C:\Users\AxDsan\Desktop\Xeno Engine\kiki.sys) -> FOUND
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\VBCoreNT.1 (\SystemRoot\System32\Filt\tmp\768g92kx.vbt) -> FOUND
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\KIKIDRIVER (\??\C:\Users\AxDsan\Desktop\Xeno Engine\kiki.sys) -> FOUND
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\VBCoreNT.1 (\SystemRoot\System32\Filt\tmp\768g92kx.vbt) -> FOUND
[PUM.Policies] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0 -> FOUND
[PUM.Policies] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0 -> FOUND
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> FOUND
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> FOUND
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> FOUND
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> FOUND

¤¤¤ Scheduled tasks : 0 ¤¤¤

¤¤¤ Files : 0 ¤¤¤

¤¤¤ HOSTS File : 0 ¤¤¤

¤¤¤ Antirootkit : 20 (Driver: LOADED) ¤¤¤
[IRP:Addr(Hook.IRP)] \SystemRoot\System32\drivers\kbdhid.sys - IRP_MJ_READ[3] : C:\Windows\system32\drivers\EagleX64.sys @ 0x4b1c260
[IRP:Addr(Hook.IRP)] \SystemRoot\System32\drivers\kbdhid.sys - IRP_MJ_PNP[27] : C:\Windows\system32\drivers\EagleX64.sys @ 0x4b1c570
[EAT:Addr] (explorer.exe) sfc.dll - BeginFileMapEnumeration : C:\Windows\System32\sfc_os.dll @ 0x7ff80a2859e8
[EAT:Addr] (explorer.exe) sfc.dll - CloseFileMapEnumeration : C:\Windows\System32\sfc_os.dll @ 0x7ff80a285a50
[EAT:Addr] (explorer.exe) sfc.dll - GetNextFileMapContent : C:\Windows\System32\sfc_os.dll @ 0x7ff80a285a9c
[EAT:Addr] (explorer.exe) sfc.dll - SRSetRestorePointA : C:\Windows\System32\sfc_os.dll @ 0x7ff80a285c10
[EAT:Addr] (explorer.exe) sfc.dll - SRSetRestorePointW : C:\Windows\System32\sfc_os.dll @ 0x7ff80a285cd0
[EAT:Addr] (explorer.exe) sfc.dll - SfcClose : C:\Windows\System32\sfc_os.dll @ 0x7ff80a282784
[EAT:Addr] (explorer.exe) sfc.dll - SfcConnectToServer : C:\Windows\System32\sfc_os.dll @ 0x7ff80a283820
[EAT:Addr] (explorer.exe) sfc.dll - SfcFileException : C:\Windows\System32\sfc_os.dll @ 0x7ff80a283820
[EAT:Addr] (explorer.exe) sfc.dll - SfcGetNextProtectedFile : C:\Windows\System32\sfc_os.dll @ 0x7ff80a285b58
[EAT:Addr] (explorer.exe) sfc.dll - SfcInitProt : C:\Windows\System32\sfc_os.dll @ 0x7ff80a285d84
[EAT:Addr] (explorer.exe) sfc.dll - SfcInitiateScan : C:\Windows\System32\sfc_os.dll @ 0x7ff80a283820
[EAT:Addr] (explorer.exe) sfc.dll - SfcInstallProtectedFiles : C:\Windows\System32\sfc_os.dll @ 0x7ff80a283820
[EAT:Addr] (explorer.exe) sfc.dll - SfcIsFileProtected : C:\Windows\System32\sfc_os.dll @ 0x7ff80a2814c0
[EAT:Addr] (explorer.exe) sfc.dll - SfcIsKeyProtected : C:\Windows\System32\sfc_os.dll @ 0x7ff80a283830
[EAT:Addr] (explorer.exe) sfc.dll - SfcTerminateWatcherThread : C:\Windows\System32\sfc_os.dll @ 0x7ff80a282784
[EAT:Addr] (explorer.exe) sfc.dll - SfpDeleteCatalog : C:\Windows\System32\sfc_os.dll @ 0x7ff80a285d84
[EAT:Addr] (explorer.exe) sfc.dll - SfpInstallCatalog : C:\Windows\System32\sfc_os.dll @ 0x7ff80a285d84
[EAT:Addr] (explorer.exe) sfc.dll - SfpVerifyFile : C:\Windows\System32\sfc_os.dll @ 0x7ff80a285d90

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: +++++
--- User ---
[MBR] 5915d67d54836eb3cd8049d5b579dd47
[BSP] 2b314a8febe1ae0cace4d4f9c333368b : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 350 MB
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 718848 | Size: 238123 MB
User = LL1 ... OK
User = LL2 ... OK