Author Topic: Help with Scan Results  (Read 2950 times)

October 28, 2014, 03:14:45 pm

watsonaka

  • Guest
Thanks for this great tool!

I'm assuming the PUMs in my registry should be deleted?
What about the Antirootkit and the MBR Check? I'm assuming those are safe. Am I interpreting this report correctly?

Thanks in advance!

RogueKiller V10.0.3.0 (x64) [Oct 16 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : jbanacek [Administrator]
Mode : Scan -- Date : 10/28/2014  08:58:44

Processes : 0

Registry : 4
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1  -> Found
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1  -> Found
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1  -> Found
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1  -> Found

Tasks : 0

Files : 0

Hosts File : 0

Antirootkit : 3 (Driver: Loaded)
[Filter(Kernel.Filter)] \Driver\atapi @ Unknown : \Driver\cdrblock @ \Device\CDRBlock0 (\SystemRoot\System32\Drivers\dfsc.sys)
[IAT:Addr] (explorer.exe @ ClassicExplorer64.dll) NETAPI32.dll - NetShareEnum : C:\Windows\system32\srvcli.dll @ 0x7fefc5c1ad4
[IAT:Addr] (firefox.exe @ roboform.dll) NETAPI32.dll - NetShareEnum : C:\Windows\SysWOW64\srvcli.dll @ 0x72e53f33

Web browsers : 0

MBR Check :
+++++ PhysicalDrive0: WDC WD5000AAKS-00A7B0 ATA Device +++++
--- User ---
[MBR] f349e1e81bdc6c7143a6911e7290e09f
[BSP] 220acf8e4557ffc2b1ff73f232cdfb4d : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 476939 MB
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive1: TOSHIBA DT01ACA300 ATA Device +++++
--- User ---
[MBR] 534a4726a989ac72a003611b50bfa5bf
[BSP] de29224e7eeee33e5baaa58296a9529b : Windows Vista/7/8 MBR Code
Partition table:
0 - [XXXXXX] UNKNOWN (0x0) [VISIBLE] Offset (sectors): 1 | Size: 2097152 MB
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive2: TOSHIBA DT01ACA300 ATA Device +++++
--- User ---
[MBR] af2f16242455d866bf4f0405a889e366
[BSP] 879b0e31b9256396b3ebdffe2e2fe67f : Windows Vista/7/8 MBR Code
Partition table:
0 - [XXXXXX] UNKNOWN (0x0) [VISIBLE] Offset (sectors): 1 | Size: 2097152 MB
User = LL1 ... OK
User = LL2 ... OK


============================================
RKreport_SCN_10282014_083952.log

END