RogueKiller Report...
RogueKiller V12.11.28.0 (x64) [Dec 11 2017] (Free) by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : https://forum.adlice.com
Website : http://www.adlice.com/download/roguekiller/
Blog : http://www.adlice.com
Operating System : Windows 10 (10.0.16299) 64 bits version
Started in : Normal mode
User : David [Administrator]
Started from : C:\Users\David\Desktop\RogueKiller_portable64.exe
Mode : Delete -- Date : 12/16/2017 08:17:59 (Duration : 00:17:32)
¤¤¤ Processes : 0 ¤¤¤
¤¤¤ Registry : 5 ¤¤¤
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\0227731513339079mcinstcleanup (C:\WINDOWS\TEMP\022773~1.EXE -cleanup -nolog) -> Deleted
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {39D961FA-F809-4CAD-8051-09AE79B602DA} : v2.27|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Users\David\AppData\Local\Temp\7zS3AF4\HPDiagnosticCoreUI.exe|Name=HPSAPS| [x] -> Deleted
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {49473FF0-5C60-45A2-9A69-B32E7B91D1C8} : v2.27|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Users\David\AppData\Local\Temp\7zS3AF4\HPDiagnosticCoreUI.exe|Name=HPSAPS| [x] -> Deleted
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {4D42136A-8C77-435F-B0CA-BF3D4263D817} : v2.27|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Users\David\AppData\Local\Temp\7zS335F\HPDiagnosticCoreUI.exe|Name=HPSAPS| [x] -> Deleted
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {83EAB9C8-BF23-4ED1-8A9D-63B3A5D3274A} : v2.27|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Users\David\AppData\Local\Temp\7zS335F\HPDiagnosticCoreUI.exe|Name=HPSAPS| [x] -> Deleted
¤¤¤ Tasks : 0 ¤¤¤
¤¤¤ Files : 0 ¤¤¤
¤¤¤ WMI : 0 ¤¤¤
¤¤¤ Hosts File : 0 ¤¤¤
¤¤¤ Antirootkit : 0 (Driver: Loaded) ¤¤¤
¤¤¤ Web browsers : 0 ¤¤¤
¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: NVMe THNSN5256GPUK NV +++++
--- User ---
[MBR] d86ea9786fb2a594c88c07fc159de698
[BSP] c0e201135da5088ad1575ae55ae463d6 : Empty|VT.Unknown MBR Code
Partition table:
0 - [MAN-MOUNT] EFI system partition | Offset (sectors): 2048 | Size: 500 MB
1 - [MAN-MOUNT] Microsoft reserved partition | Offset (sectors): 1026048 | Size: 128 MB
2 - Basic data partition | Offset (sectors): 1288192 | Size: 232385 MB
3 - [SYSTEM][MAN-MOUNT] | Offset (sectors): 477212672 | Size: 450 MB
4 - [SYSTEM][MAN-MOUNT] | Offset (sectors): 478134272 | Size: 9627 MB
5 - [SYSTEM][MAN-MOUNT] | Offset (sectors): 497852416 | Size: 1106 MB
User = LL1 ... OK
Error reading LL2 MBR! NOT VALID!