Hello, RogueKiller detected 3 other things in the anti-rootkit tab today. Can you tell me if these are false positives too, or am I infected? Report:
RogueKiller V10.7.0.0 (x64) [May 25 2015] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com
Operating System : Windows 8.1 (6.3.9200 ) 64 bits version
Started in : Normal mode
User : removename [Administrator]
Started from : C:\Program Files\RogueKiller\RogueKiller.exe
Mode : Scan -- Date : 05/30/2015 00:18:42
¤¤¤ Processes : 0 ¤¤¤
¤¤¤ Registry : 8 ¤¤¤
[PUM.DesktopIcons] (X64) HKEY_USERS\S-1-5-21-2632152693-1255202836-1047204-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {59031A47-3F72-44A7-89C5-5595FE6B30EE} : 1 -> Found
[PUM.DesktopIcons] (X64) HKEY_USERS\S-1-5-21-2632152693-1255202836-1047204-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Found
[PUM.DesktopIcons] (X86) HKEY_USERS\S-1-5-21-2632152693-1255202836-1047204-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {59031A47-3F72-44A7-89C5-5595FE6B30EE} : 1 -> Found
[PUM.DesktopIcons] (X86) HKEY_USERS\S-1-5-21-2632152693-1255202836-1047204-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Found
[PUM.DesktopIcons] (X64) HKEY_USERS\S-1-5-21-2632152693-1255202836-1047204-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031A47-3F72-44A7-89C5-5595FE6B30EE} : 1 -> Found
[PUM.DesktopIcons] (X64) HKEY_USERS\S-1-5-21-2632152693-1255202836-1047204-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Found
[PUM.DesktopIcons] (X86) HKEY_USERS\S-1-5-21-2632152693-1255202836-1047204-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031A47-3F72-44A7-89C5-5595FE6B30EE} : 1 -> Found
[PUM.DesktopIcons] (X86) HKEY_USERS\S-1-5-21-2632152693-1255202836-1047204-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Found
¤¤¤ Tasks : 0 ¤¤¤
¤¤¤ Files : 0 ¤¤¤
¤¤¤ Hosts File : 0 ¤¤¤
¤¤¤ Antirootkit : 3 (Driver: Loaded) ¤¤¤
[IAT:Inl(Hook.IEAT)] (explorer.exe) msvcrt.dll - pow : Unknown @ 0x75900b6 (jmp 0xffffffffffffffb4)
[IAT:Inl(Hook.IEAT)] (explorer.exe) msvcrt.dll - free : Unknown @ 0x783c55d (jmp 0x57|jmp 0x1982b18b)
[IAT:Inl(Hook.IEAT)] (explorer.exe) msvcrt.dll - wcschr : Unknown @ 0x7817fc5 (jmp 0x3|jmp 0x4e)
¤¤¤ Web browsers : 0 ¤¤¤
¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: ST2000DM 001-1CH164 SATA Disk Device +++++
--- User ---
[MBR] 3e99d018e8be4f8cb57f623e22c6e299
[BSP] b0d71a947d6636fb01c39676b7efba73 : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 350 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 718848 | Size: 1907377 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK
============================================