Author Topic: Couple result questions.  (Read 5223 times)

0 Members and 1 Guest are viewing this topic.

May 20, 2014, 10:55:00 PM

CounterMixture

  • Guest
Couple result questions.
« on: May 20, 2014, 10:55:00 PM »
Alright, so I used RougeKiller and it worked flawlessly. However due to my own idiocy, I deleted the first result sheet. However I remember it not finding anything problematic expect these quarantined registry files (which I have no idea what I'm suppose to do with them).

These are the items that have been quarantined:


Also I scanned again incase anything it found previously was still buried there. Only blimp seems to be those driver errors. Anyway, thank you for taking time out of your day to help, its much appreciated!

RogueKiller V8.8.15 _x64_ [Mar 27 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Steves [Admin rights]
Mode : Scan -- Date : 05/20/2014 15:52:06
| ARK || FAK || MBR |

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 0 ¤¤¤

¤¤¤ Scheduled tasks : 0 ¤¤¤

¤¤¤ Startup Entries : 0 ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ Browser Addons : 0 ¤¤¤

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤
[Address] EAT @explorer.exe (BaseReportErrorA) : fwpuclnt.dll -> HOOKED (C:\Program Files\Windows Photo Viewer\PhotoBase.dll @ 0xFB691EF4)
[Address] EAT @explorer.exe (BaseReportErrorW) : fwpuclnt.dll -> HOOKED (C:\Program Files\Windows Photo Viewer\PhotoBase.dll @ 0xFB691EF4)

¤¤¤ External Hives: ¤¤¤

¤¤¤ Infection :  ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


127.0.0.1   localhost


¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) TOSHIBA MK6465GSX ATA Device +++++
--- User ---
[MBR] 3fd064c478b7ab310b430a1e7e351dc6
[BSP] 1f2fe4cab813ca0ce788b0ddd18ea71a : Windows Vista MBR Code
Partition table:
0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 39 MB
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 80325 | Size: 15000 MB
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 30800325 | Size: 595440 MB
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[0]_S_05202014_155206.txt >>
RKreport[0]_D_05202014_145346.txt;RKreport[0]_H_05202014_144931.txt;RKreport[0]_S_05202014_144849.txt
RKreport[0]_S_05202014_145122.txt;RKreport[0]_S_05202014_150914.txt

Reply #1May 21, 2014, 08:09:12 AM

Tigzy

  • Administrator
  • Hero Member

  • Offline
  • *****

  • 956
  • Reputation:
    91
  • Personal Text
    Owner, Adlice Software
    • View Profile
    • Adlice Software
Re: Couple result questions.
« Reply #1 on: May 21, 2014, 08:09:12 AM »
Hello
There's no problem, the quarantined keys are really not critical.
Only display settings.

Reply #2May 21, 2014, 10:02:59 PM

CounterMixture

  • Guest
Re: Couple result questions.
« Reply #2 on: May 21, 2014, 10:02:59 PM »
Thank you sir, and great work with what you're doing. Should I just leave them as they are or delete them?

Reply #3May 23, 2014, 11:46:26 AM

Tigzy

  • Administrator
  • Hero Member

  • Offline
  • *****

  • 956
  • Reputation:
    91
  • Personal Text
    Owner, Adlice Software
    • View Profile
    • Adlice Software
Re: Couple result questions.
« Reply #3 on: May 23, 2014, 11:46:26 AM »
Just leave them.
It'll be more clear in version 9, with nice colors :)