Hello just checked the pc , I did other scan before but this is the first time i see the antorootkit log with so many entries
RogueKiller V9.2.0.0 (x64) [Jun 23 2014] by Adlice Software
mail :
http://www.adlice.com/contact/Feedback :
http://forum.adlice.comWebsite :
http://www.adlice.com/softwares/roguekiller/Blog :
http://www.adlice.comOperating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : foca [Admin rights]
Mode : Scan -- Date : 07/09/2014 11:32:46
¤¤¤ Bad processes : 0 ¤¤¤
¤¤¤ Registry Entries : 8 ¤¤¤
[PUM.Policies] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | EnableLUA : 0 -> Trovato
[PUM.Policies] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | EnableLUA : 0 -> Trovato
[PUM.Policies] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0 -> Trovato
[PUM.Policies] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0 -> Trovato
[PUM.DesktopIcons] (X64) HKEY_USERS\S-1-5-21-2558236547-444649337-1807880188-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {59031A47-3F72-44A7-89C5-5595FE6B30EE} : 1 -> Trovato
[PUM.DesktopIcons] (X86) HKEY_USERS\S-1-5-21-2558236547-444649337-1807880188-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {59031A47-3F72-44A7-89C5-5595FE6B30EE} : 1 -> Trovato
[PUM.DesktopIcons] (X64) HKEY_USERS\S-1-5-21-2558236547-444649337-1807880188-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031A47-3F72-44A7-89C5-5595FE6B30EE} : 1 -> Trovato
[PUM.DesktopIcons] (X86) HKEY_USERS\S-1-5-21-2558236547-444649337-1807880188-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031A47-3F72-44A7-89C5-5595FE6B30EE} : 1 -> Trovato
¤¤¤ Le attività pianificate : 0 ¤¤¤
¤¤¤ Files : 0 ¤¤¤
¤¤¤ HOSTS File : 1 ¤¤¤
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1 localhost
¤¤¤ Antirootkit : 5 (Driver: LOADED) ¤¤¤
[Filter(Kernel.Filter)] \Driver\atapi @ \Device\Ide\IdeDeviceP3T0L0-3 : \Driver\iaStorF @ Unknown (\SystemRoot\System32\Drivers\mup.sys)
[Filter(Kernel.Filter)] \Driver\atapi @ \Device\Ide\IdeDeviceP2T0L0-2 : \Driver\iaStorF @ Unknown (\SystemRoot\System32\Drivers\mup.sys)
[Filter(Kernel.Filter)] \Driver\atapi @ \Device\Ide\IdeDeviceP1T0L0-1 : \Driver\iaStorF @ Unknown (\SystemRoot\System32\Drivers\mup.sys)
[Filter(Kernel.Filter)] \Driver\atapi @ \Device\Ide\IdeDeviceP0T0L0-0 : \Driver\iaStorF @ Unknown (\SystemRoot\System32\Drivers\mup.sys)
[Filter(Kernel.Filter)] \Driver\atapi @ Unknown : \Driver\cdrom @ \Device\CdRom0 (\SystemRoot\system32\CI.dll)
¤¤¤ I browser Web : 0 ¤¤¤
¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: WDC WD1003FZEX-00MK2A0 ATA Device +++++
--- User ---
[MBR] adcc5058a2b3ffdb25ff293490119835
[BSP] 690b767b6d8bc467a0a947e1263cffed : Windows Vista/7/8 MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 953867 MB
User = LL1 ... OK
User = LL2 ... OK
+++++ PhysicalDrive1: Maxtor 6H500F0 ATA Device +++++
--- User ---
[MBR] 9f931b9192b6a19b905787b8e88450ae
[BSP] cf0b651b0fab45c6ab8f1d8c9f955908 : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 476939 MB
User = LL1 ... OK
User = LL2 ... OK
+++++ PhysicalDrive2: ADATA SP900 ATA Device +++++
--- User ---
[MBR] 2b9f2e12b490e0005987573fb446e66e
[BSP] c08dc13d915e62ae570e0b6e7e1dc92a : Windows Vista/7/8 MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 122102 MB
User = LL1 ... OK
User = LL2 ... OK
something to worry about ?
Thanks
Topic: Antirootkit (Read 7119 times)
