Author Topic: Help with report please  (Read 6990 times)

0 Members and 1 Guest are viewing this topic.

September 21, 2014, 09:35:10 AM

ellend

  • Guest
Help with report please
« on: September 21, 2014, 09:35:10 AM »
Hi,  I've just run RK.  My machine has become very slow at random times, so I suspected I had a problem  The report is below.  Can someone help me with this?  Thanks  :)

RogueKiller V9.2.11.0 (x64) [Sep  9 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 8.1 (6.3.9200 ) 64 bits version
Started in : Normal mode
User : ellen [Admin rights]
Mode : Scan -- Date : 09/21/2014  17:25:46

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 12 ¤¤¤
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters | DhcpNameServer : 10.1.1.1  -> FOUND
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters | DhcpNameServer : 10.1.1.1  -> FOUND
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{4F209B40-3A8C-4ADD-A8F5-FF14B836C50E} | DhcpNameServer : 10.1.1.1  -> FOUND
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{68BF2A74-F38D-480B-A94D-87A0F742F50A} | DhcpNameServer : 10.10.10.210 10.10.10.211  -> FOUND
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{D91CED97-2747-4807-AB6D-50643F08BF93} | NameServer : 10.4.81.105 10.4.182.22  -> FOUND
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{4F209B40-3A8C-4ADD-A8F5-FF14B836C50E} | DhcpNameServer : 10.1.1.1  -> FOUND
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{68BF2A74-F38D-480B-A94D-87A0F742F50A} | DhcpNameServer : 10.10.10.210 10.10.10.211  -> FOUND
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{D91CED97-2747-4807-AB6D-50643F08BF93} | NameServer : 10.4.81.105 10.4.182.22  -> FOUND
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1  -> FOUND
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1  -> FOUND
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1  -> FOUND
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1  -> FOUND

¤¤¤ Scheduled tasks : 3 ¤¤¤
[Suspicious.Path] \\ellen -- C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\NBCore.exe ("C:\Users\ellen\AppData\Roaming\Seagate\Seagate Dashboard 2.0\Files\ellen.nji") -> FOUND
[Suspicious.Path] \\ellen Merge -- "C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\NBCore.exe" ("C:\Users\ellen\AppData\Roaming\Seagate\Seagate Dashboard 2.0\Files\ellen Merge.nji") -> FOUND
[Suspicious.Path] \Leader Technologies\PowerRegister\Seagate NA75CPGL Product Registration (ellen) -- C:\Users\ellen\AppData\Roaming\Leadertech\PowerRegister\Seagate NA75CPGL Product Registration.exe (/remind /language=ENA /BDSR="Seagate NA75CPGL") -> FOUND

¤¤¤ Files : 0 ¤¤¤

¤¤¤ HOSTS File : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: LOADED) ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0:  +++++
--- User ---
[MBR] ad799003f0a5971825a969731312d274
[BSP] 979aa6869dd5040e6e5a97192a9b3e18 : Empty MBR Code
Partition table:
0 - [XXXXXX] UNKNOWN (0x0) [VISIBLE] Offset (sectors): 1 | Size: 2097152 MB
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive1:  +++++
Error reading User MBR! ([15] The device is not ready. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] The request is not supported. )

+++++ PhysicalDrive3:  +++++
--- User ---
[MBR] 161e040ba9a815d3ba801d0f59fabd46
[BSP] 59c27b2d87fc2ac11db7363e80aa45e4 : Empty MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 953868 MB
User = LL1 ... OK
Error reading LL2 MBR! ([1] Incorrect function. )


============================================
RKreport_SCN_09212014_151947.log

Reply #1September 21, 2014, 12:13:18 PM

Tigzy

  • Administrator
  • Hero Member

  • Offline
  • *****

  • 954
  • Reputation:
    90
  • Personal Text
    Owner, Adlice Software
    • View Profile
    • Adlice Software
Re: Help with report please
« Reply #1 on: September 21, 2014, 12:13:18 PM »
Hello
Nothing here to remove.

Reply #2September 21, 2014, 12:22:28 PM

ellend

  • Guest
Re: Help with report please
« Reply #2 on: September 21, 2014, 12:22:28 PM »
Thank you.  I thought that PUM.dns was a problem?
« Last Edit: September 21, 2014, 02:54:55 PM by ellend »

Reply #3September 22, 2014, 09:03:51 AM

Tigzy

  • Administrator
  • Hero Member

  • Offline
  • *****

  • 954
  • Reputation:
    90
  • Personal Text
    Owner, Adlice Software
    • View Profile
    • Adlice Software
Re: Help with report please
« Reply #3 on: September 22, 2014, 09:03:51 AM »