so today i ran RK as a part of my routine maintenance, i got the fallowing
[PUM.Proxy] (X64) HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\00-7f-28-7e-30-82 -> Found
[PUM.Proxy] (X86) HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\00-7f-28-7e-30-82 -> Found
After attempting to remove them multiple times, every time i ran the scan they show up again. I ran Rkill then did a full scan with Eset , Malwarebyte and i could not find anything . I did a secure erase for my SSD with the OS and reinstalled windows 10 , when i ran the scan again i got the same results. I did another secure erase and installed windows 8 from my CD to download windows media creation tool to make a new a windows 10 USB . When i ran the scan i found the same entries again, any idea what this is exactly?
RogueKiller V12.3.8.0 (x64) [Jul 11 2016] (Free) by Adlice Software
mail :
http://www.adlice.com/contact/Feedback :
http://forum.adlice.comWebsite :
http://www.adlice.com/download/roguekiller/Blog :
http://www.adlice.comOperating System : Windows 8 (6.2.9200) 64 bits version
Started in : Normal mode
User : hj [Administrator]
Started from : C:\Program Files\RogueKiller\RogueKiller64.exe
Mode : Scan -- Date : 07/16/2016 14:20:42
¤¤¤ Processes : 0 ¤¤¤
¤¤¤ Registry : 2 ¤¤¤
[PUM.Proxy] (X64) HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\00-7f-28-7e-30-82 -> Found
[PUM.Proxy] (X86) HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\00-7f-28-7e-30-82 -> Found
¤¤¤ Tasks : 0 ¤¤¤
¤¤¤ Files : 0 ¤¤¤
¤¤¤ Hosts File : 0 ¤¤¤
¤¤¤ Antirootkit : 0 (Driver: Loaded) ¤¤¤
¤¤¤ Web browsers : 0 ¤¤¤
¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: Samsung SSD 840 PRO Series +++++
--- User ---
[MBR] 4eeefac1d16fd1a20ca4496617a6c0d0
[BSP] c920a6713f1b277ae9033558a733e0f3 : Windows Vista/7/8|VT.Unknown MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 244196 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK
+++++ PhysicalDrive1: WDC WD6400AAKS-00A7B2 +++++
--- User ---
[MBR] e9548155b69aa263f891ce17737f0fdf
[BSP] 2366cf6468a85fdc04fb119c2c485dcd : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 610478 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK
+++++ PhysicalDrive2: USB Device +++++
--- User ---
[MBR] 7ff117a9492b968d128d863d3e2fecc7
[BSP] c8daf50c9f667a6361c92da716172185 : Standard|VT.Unknown MBR Code
Partition table:
0 - [ACTIVE] FAT32 (0xb) [VISIBLE] Offset (sectors): 63 | Size: 3894 MB
User = LL1 ... OK
Error reading LL2 MBR! ([32] The request is not supported. )
+++++ PhysicalDrive3: Kingston DataTraveler 3.0 USB Device +++++
--- User ---
[MBR] 45e42a2cfd9f3ce42824ff4cbfdec107
[BSP] 9e3b3c473b1db0daa516427cdae6e1cc : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] FAT32 (0xb) [VISIBLE] Offset (sectors): 2048 | Size: 7444 MB
User = LL1 ... OK
Error reading LL2 MBR! ([32] The request is not supported. )
Topic: Pum Proxy on fresh install (Read 9111 times)
