Author Topic: Pum Proxy on fresh install  (Read 6814 times)

0 Members and 1 Guest are viewing this topic.

July 16, 2016, 08:40:52 pm

ira66569

  • Guest
Pum Proxy on fresh install
« on: July 16, 2016, 08:40:52 pm »
so today i ran RK as a part of my routine maintenance, i got the fallowing

[PUM.Proxy] (X64) HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\00-7f-28-7e-30-82 -> Found
[PUM.Proxy] (X86) HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\00-7f-28-7e-30-82 -> Found

After attempting to remove them multiple times, every time i ran the scan they show up again. I ran Rkill then did a full scan with Eset , Malwarebyte and i could not find anything . I did a secure erase for my SSD with the OS and reinstalled windows 10 , when i ran the scan again i got the same results. I did another secure erase and installed windows 8 from my CD to download windows media creation tool to make a new a windows 10 USB . When i ran the scan i found the same entries again, any idea what this is exactly?

RogueKiller V12.3.8.0 (x64) [Jul 11 2016] (Free) by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Website : http://www.adlice.com/download/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 8 (6.2.9200) 64 bits version
Started in : Normal mode
User : hj [Administrator]
Started from : C:\Program Files\RogueKiller\RogueKiller64.exe
Mode : Scan -- Date : 07/16/2016 14:20:42

Processes : 0

Registry : 2
[PUM.Proxy] (X64) HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\00-7f-28-7e-30-82 -> Found
[PUM.Proxy] (X86) HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\00-7f-28-7e-30-82 -> Found

Tasks : 0

Files : 0

Hosts File : 0

Antirootkit : 0 (Driver: Loaded)

Web browsers : 0

MBR Check :
+++++ PhysicalDrive0: Samsung SSD 840 PRO Series +++++
--- User ---
[MBR] 4eeefac1d16fd1a20ca4496617a6c0d0
[BSP] c920a6713f1b277ae9033558a733e0f3 : Windows Vista/7/8|VT.Unknown MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 244196 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive1: WDC WD6400AAKS-00A7B2 +++++
--- User ---
[MBR] e9548155b69aa263f891ce17737f0fdf
[BSP] 2366cf6468a85fdc04fb119c2c485dcd : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 610478 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive2: USB Device +++++
--- User ---
[MBR] 7ff117a9492b968d128d863d3e2fecc7
[BSP] c8daf50c9f667a6361c92da716172185 : Standard|VT.Unknown MBR Code
Partition table:
0 - [ACTIVE] FAT32 (0xb) [VISIBLE] Offset (sectors): 63 | Size: 3894 MB
User = LL1 ... OK
Error reading LL2 MBR! ([32] The request is not supported. )

+++++ PhysicalDrive3: Kingston DataTraveler 3.0 USB Device +++++
--- User ---
[MBR] 45e42a2cfd9f3ce42824ff4cbfdec107
[BSP] 9e3b3c473b1db0daa516427cdae6e1cc : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] FAT32 (0xb) [VISIBLE] Offset (sectors): 2048 | Size: 7444 MB
User = LL1 ... OK
Error reading LL2 MBR! ([32] The request is not supported. )


Reply #1July 16, 2016, 10:27:02 pm

Curson

  • Global Moderator
  • Hero Member

  • Offline
  • *****

  • 2448
  • Reputation:
    84
    • View Profile
Re: Pum Proxy on fresh install
« Reply #1 on: July 16, 2016, 10:27:02 pm »
Hi ira66569,

These entries are false positives.
This will be fixed in RogueKiller next release.

Regards.