Hello, I keep on getting "HideDesktopIcons\NewStartPanel" and "HideDesktopIcons\ClassicStartMenu" as a PUM, and every time I delete it or restore it or whatever with RogueKiller I will get some desktop icons. Then when I delete the desktop icons it placed (I think the 2 desktop icons I get are the name of the user and computer file; when you open them it takes you to "This PC", just in case you need it), I will get the report again. Is this just me deleting the icons, or is this action made by malware? This is the report. Thanks.
RogueKiller V10.6.5.0 (x64) [May 20 2015] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com
Operating System : Windows 8.1 (6.3.9200 ) 64 bits version
Started in : Normal mode
User : (removed my name) [Administrator]
Started from : C:\Program Files\RogueKiller\RogueKiller.exe
Mode : Scan -- Date : 05/24/2015 09:47:58
¤¤¤ Processes : 0 ¤¤¤
¤¤¤ Registry : 8 ¤¤¤
[PUM.DesktopIcons] (X64) HKEY_USERS\S-1-5-21-2632152693-1255202836-1047204-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {59031A47-3F72-44A7-89C5-5595FE6B30EE} : 1 -> Found
[PUM.DesktopIcons] (X64) HKEY_USERS\S-1-5-21-2632152693-1255202836-1047204-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Found
[PUM.DesktopIcons] (X86) HKEY_USERS\S-1-5-21-2632152693-1255202836-1047204-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {59031A47-3F72-44A7-89C5-5595FE6B30EE} : 1 -> Found
[PUM.DesktopIcons] (X86) HKEY_USERS\S-1-5-21-2632152693-1255202836-1047204-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Found
[PUM.DesktopIcons] (X64) HKEY_USERS\S-1-5-21-2632152693-1255202836-1047204-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031A47-3F72-44A7-89C5-5595FE6B30EE} : 1 -> Found
[PUM.DesktopIcons] (X64) HKEY_USERS\S-1-5-21-2632152693-1255202836-1047204-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Found
[PUM.DesktopIcons] (X86) HKEY_USERS\S-1-5-21-2632152693-1255202836-1047204-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031A47-3F72-44A7-89C5-5595FE6B30EE} : 1 -> Found
[PUM.DesktopIcons] (X86) HKEY_USERS\S-1-5-21-2632152693-1255202836-1047204-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Found
¤¤¤ Tasks : 0 ¤¤¤
¤¤¤ Files : 0 ¤¤¤
¤¤¤ Hosts File : 0 ¤¤¤
¤¤¤ Antirootkit : 0 (Driver: Loaded) ¤¤¤
¤¤¤ Web browsers : 0 ¤¤¤
¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: ST2000DM 001-1CH164 SATA Disk Device +++++
--- User ---
[MBR] 3e99d018e8be4f8cb57f623e22c6e299
[BSP] b0d71a947d6636fb01c39676b7efba73 : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 350 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 718848 | Size: 1907377 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK
============================================
RKreport_SCN_05152015_001904.log - RKreport_DEL_05152015_002250.log - RKreport_DEL_05152015_002639.log - RKreport_SCN_05152015_003119.log
RKreport_SCN_05152015_084441.log - RKreport_DEL_05152015_084852.log - RKreport_DEL_05152015_084858.log - RKreport_SCN_05152015_085232.log
RKreport_SCN_05162015_040749.log - RKreport_DEL_05162015_041530.log - RKreport_SCN_05162015_042059.log - RKreport_DEL_05162015_045206.log
RKreport_SCN_05162015_045645.log - RKreport_SCN_05162015_071019.log - RKreport_DEL_05162015_071755.log - RKreport_SCN_05162015_072238.log
RKreport_SCN_05162015_075353.log - RKreport_DEL_05162015_075423.log - RKreport_SCN_05162015_083139.log - RKreport_SCN_05162015_093446.log
RKreport_DEL_05162015_093507.log - RKreport_SCN_05162015_102258.log - RKreport_SCN_05162015_105801.log - RKreport_SCN_05162015_110904.log
RKreport_DEL_05162015_111700.log - RKreport_SCN_05162015_162110.log - RKreport_SCN_05162015_171314.log - RKreport_SCN_05162015_203208.log
RKreport_SCN_05172015_125803.log - RKreport_SCN_05172015_130537.log - RKreport_DEL_05172015_131136.log - RKreport_SCN_05172015_192014.log
RKreport_SCN_05172015_193236.log - RKreport_SCN_05172015_195454.log - RKreport_SCN_05242015_091544.log - RKreport_DEL_05242015_092829.log
RKreport_SCN_05242015_093226.log