RogueKiller V12.2.1.0 [May 16 2016] (Premium) by Adlice Software mail : http://www.adlice.com/contact/ Feedback : http://forum.adlice.com Website : http://www.adlice.com/software/roguekiller/ Blog : http://www.adlice.com Operating System : Windows 7 (6.1.7601 Service Pack 1) 32 bits version Started in : Normal mode User : ahmed [Administrator] Started from : F:\RogueKiller.exe Mode : Scan -- Date : 05/22/2016 19:14:02 ¤¤¤ Processes : 0 ¤¤¤ ¤¤¤ Registry : 5 ¤¤¤ [Hidden.From.SCM] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\tsusbhub (system32\drivers\tsusbhub.sys) -> Found [PUM.Proxy] HKEY_USERS\S-1-5-21-1492026092-2507368824-3614128289-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings | AutoConfigUrl : http://unstops.biz/wpad.dat?d1d4ea662e6c1451492444d1d9f13b2b10288178 -> Found [PUM.Proxy] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\NlaSvc\Parameters\Internet\ManualProxies | (default) : 0http://unstops.biz/wpad.dat?d1d4ea662e6c1451492444d1d9f13b2b10288178 -> Found [PUM.Proxy] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NlaSvc\Parameters\Internet\ManualProxies | (default) : 0http://unstops.biz/wpad.dat?d1d4ea662e6c1451492444d1d9f13b2b10288178 -> Found [PUM.Proxy] HKEY_LOCAL_MACHINE\System\ControlSet002\Services\NlaSvc\Parameters\Internet\ManualProxies | (default) : 0http://unstops.biz/wpad.dat?d1d4ea662e6c1451492444d1d9f13b2b10288178 -> Found ¤¤¤ Tasks : 2 ¤¤¤ [Suspicious.Path] \Format Factory -- "C:\Users\ahmed\AppData\Local\Temp\is-TVV8G.tmp\prsetup.exe" ("/logon") -> Found [Suspicious.Path] \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -- C:\Program Files\Microsoft Security Client\MpCmdRun.exe (Scan -ScheduleJob -RestrictPrivileges) -> Found ¤¤¤ Files : 0 ¤¤¤ ¤¤¤ Hosts File : 0 ¤¤¤ ¤¤¤ Antirootkit : 0 (Driver: Loaded) ¤¤¤ ¤¤¤ Web browsers : 0 ¤¤¤ ¤¤¤ MBR Check : ¤¤¤ +++++ PhysicalDrive0: WDC WD10EZEX-00BN5A0 ATA Device +++++ --- User --- [MBR] ad7c8f666b53bfc74f80312327896c4a [BSP] ac217aef9c433eab02fa5f64e77747b6 : Windows Vista/7/8|VT.Unknown MBR Code Partition table: 0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 81920 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader] 1 - [XXXXXX] EXTEN-LBA (0xf) [VISIBLE] Offset (sectors): 167776193 | Size: 871947 MB User = LL1 ... OK User = LL2 ... OK +++++ PhysicalDrive1: Multiple Card Reader USB Device +++++ Error reading User MBR! ([15] ???????? ??? ????. ) Error reading LL1 MBR! NOT VALID! Error reading LL2 MBR! ([32] ??????? ??? ?????. ) +++++ PhysicalDrive2: Kingston DataTraveler 109 USB Device +++++ --- User --- [MBR] 75664665b60a924ad84b7716a67473f4 [BSP] c000f93bcabbe934e2bfe927dde72393 : Standard MBR Code Partition table: 3 - [ACTIVE] FAT32 (0xb) [VISIBLE] Offset (sectors): 256 | Size: 7635 MB User = LL1 ... OK Error reading LL2 MBR! ([32] ??????? ??? ?????. )