Thread: Need some help interpreting Registry files to delete after RogueKiller scan/report

  1. #1
    Junior Member buttercream
    Join Date
    Dec 2013
    Posts
    3

    Need some help interpreting Registry files to delete after RogueKiller scan/report

    Hello, I don't think this is too significant, but I just don't want to delete the wrong registry files. Just asking for some help interpreting registry files to delete after a RogueKiller scan/report. Listed in order are my computer info, a screenshot of the report, and the report details pasted below. Can I just go ahead and delete these registry files that it marked? I already deleted the Battlefield 3 files because I've never played it on this computer... I've got AVG (latest), and I use Malwarebytes Anti-Malware, Windows Defender, CCleaner, Revo Uninstaller, and Hitman Pro.

    OS system summary
    Screenshot of report - can I delete these registry files or are they important?

    ReportScreen.jpg
    Report Results

    RogueKiller V8.7.11 _x64_ [Nov 25 2013] by Tigzy
    mail : tigzyRK<at>gmail<dot>com
    Feedback : http://www.adlice.com/forum/
    Website : http://www.adlice.com/softwares/roguekiller/
    Blog : http://tigzyrk.blogspot.com/

    Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
    Started in : Normal mode
    User : Lake [Admin rights]
    Mode : Remove -- Date : 12/06/2013 14:09:44
    | ARK || FAK || MBR |

    ¤¤¤ Bad processes : 0 ¤¤¤

    ¤¤¤ Registry Entries : 7 ¤¤¤
    [HJ POL][PUM] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> REPLACED (2)
    [HJ POL][PUM] HKLM\[...]\System : EnableLUA (0) -> REPLACED (1)
    [HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : ConsentPromptBehaviorAdmin (0) -> REPLACED (2)
    [HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : EnableLUA (0) -> REPLACED (1)
    [HJ SMENU][PUM] HKCU\[...]\Advanced : Start_TrackProgs (0) -> REPLACED (1)
    [HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
    [HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)

    ¤¤¤ Scheduled tasks : 2 ¤¤¤
    [V2][SUSP UNIC] {FB84CEED-B488-4DE4-992A-81ECAAB47778} : C:\Program Files (x86)\btlfld3\Battlefield 3?��\bf3.exe [x] -> DELETED
    [V2][SUSP UNIC] {FD8EDABF-F770-4D87-ABA0-4949087D4D92} : C:\Program Files (x86)\btlfld3\Battlefield 3?��\bf3.exe [x] -> DELETED

    ¤¤¤ Startup Entries : 0 ¤¤¤

    ¤¤¤ Web browsers : 0 ¤¤¤

    ¤¤¤ Particular Files / Folders: ¤¤¤

    ¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤

    ¤¤¤ External Hives: ¤¤¤

    ¤¤¤ Infection : ¤¤¤

    ¤¤¤ HOSTS File: ¤¤¤
    --> %SystemRoot%\System32\drivers\etc\hosts
    ¤¤¤ MBR Check: ¤¤¤

    +++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) WDC WD7500BPVT-80HXZT3 +++++
    --- User ---
    [MBR] 36d5f8cf60b4e9f7529d3f2fdf4791b3
    [BSP] 2df4e4393ef6efc24351e5bc0934916b : Windows 7/8 MBR Code
    Partition table:
    0 - [XXXXXX] FAT32-LBA (0x1c) [HIDDEN!] Offset (sectors): 2048 | Size: 25600 Mo
    1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 52430848 | Size: 313006 Mo
    2 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 693467136 | Size: 376797 Mo
    User = LL1 ... OK!
    User = LL2 ... OK!

    +++++ PhysicalDrive1: (\\.\PHYSICALDRIVE1 @ USB) VBTM Store 'n' Go USB Device +++++
    --- User ---
    [MBR] 82109384f09e68f403c3cb72f078bcec
    [BSP] f6e5c8791cf3b5cb98fd55304feb305a : Windows XP MBR Code
    Partition table:
    0 - [ACTIVE] FAT16 (0x06) [VISIBLE] Offset (sectors): 4 | Size: 242 Mo
    User = LL1 ... OK!
    Error reading LL2 MBR! ([0x32] The request is not supported. )

    Finished : << RKreport[0]_D_12062013_140944.txt >>
    RKreport[0]_S_12062013_140903.txt


    There were two reports, so I just posted this one too, but I think the other report is what goes with the screenshot.

    RogueKiller V8.7.11 _x64_ [Nov 25 2013] by Tigzy
    mail : tigzyRK<at>gmail<dot>com
    Feedback : http://www.adlice.com/forum/
    Website : http://www.adlice.com/softwares/roguekiller/
    Blog : http://tigzyrk.blogspot.com/

    Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
    Started in : Normal mode
    User : Lake [Admin rights]
    Mode : Scan -- Date : 12/06/2013 14:09:03
    | ARK || FAK || MBR |

    ¤¤¤ Bad processes : 0 ¤¤¤

    ¤¤¤ Registry Entries : 7 ¤¤¤
    [HJ POL][PUM] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> FOUND
    [HJ POL][PUM] HKLM\[...]\System : EnableLUA (0) -> FOUND
    [HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : ConsentPromptBehaviorAdmin (0) -> FOUND
    [HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : EnableLUA (0) -> FOUND
    [HJ SMENU][PUM] HKCU\[...]\Advanced : Start_TrackProgs (0) -> FOUND
    [HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
    [HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

    ¤¤¤ Scheduled tasks : 2 ¤¤¤
    [V2][SUSP UNIC] {FB84CEED-B488-4DE4-992A-81ECAAB47778} : C:\Program Files (x86)\btlfld3\Battlefield 3?��\bf3.exe [x] -> FOUND
    [V2][SUSP UNIC] {FD8EDABF-F770-4D87-ABA0-4949087D4D92} : C:\Program Files (x86)\btlfld3\Battlefield 3?��\bf3.exe [x] -> FOUND

    ¤¤¤ Startup Entries : 0 ¤¤¤

    ¤¤¤ Web browsers : 0 ¤¤¤

    ¤¤¤ Particular Files / Folders: ¤¤¤

    ¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤

    ¤¤¤ External Hives: ¤¤¤

    ¤¤¤ Infection : ¤¤¤

    ¤¤¤ HOSTS File: ¤¤¤
    --> %SystemRoot%\System32\drivers\etc\hosts
    ¤¤¤ MBR Check: ¤¤¤

    +++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) WDC WD7500BPVT-80HXZT3 +++++
    --- User ---
    [MBR] 36d5f8cf60b4e9f7529d3f2fdf4791b3
    [BSP] 2df4e4393ef6efc24351e5bc0934916b : Windows 7/8 MBR Code
    Partition table:
    0 - [XXXXXX] FAT32-LBA (0x1c) [HIDDEN!] Offset (sectors): 2048 | Size: 25600 Mo
    1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 52430848 | Size: 313006 Mo
    2 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 693467136 | Size: 376797 Mo
    User = LL1 ... OK!
    User = LL2 ... OK!

    +++++ PhysicalDrive1: (\\.\PHYSICALDRIVE1 @ USB) VBTM Store 'n' Go USB Device +++++
    --- User ---
    [MBR] 82109384f09e68f403c3cb72f078bcec
    [BSP] f6e5c8791cf3b5cb98fd55304feb305a : Windows XP MBR Code
    Partition table:
    0 - [ACTIVE] FAT16 (0x06) [VISIBLE] Offset (sectors): 4 | Size: 242 Mo
    User = LL1 ... OK!
    Error reading LL2 MBR! ([0x32] The request is not supported. )

    Finished : << RKreport[0]_S_12062013_140903.txt >>
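    The entries RogueKiller tagged [PUM] above are not files; they are registry values whose settings differ from the Windows defaults. EnableLUA (0) and ConsentPromptBehaviorAdmin (0) together mean UAC was switched off and administrators were being elevated without any prompt; Start_TrackProgs (0) stops the Start menu from recording recently used programs; the two NewStartPanel GUIDs set to 1 hide the Computer and user-files icons from the desktop. RogueKiller's "REPLACED (n)" lines show it already wrote the defaults back. The [SUSP UNIC] tag on the two scheduled tasks means the action path contains non-ASCII characters, and [x] means the target file does not exist. The script below is an added example, not part of this thread and not RogueKiller's own code: it re-reads those values and rescans the task folder so the result can be checked after a reboot. The report elides the key paths as HKLM\[...]\System; the full paths used here are the standard locations for these values and are assumed, and the expected values are taken from the "REPLACED (n)" numbers in the report.

```powershell
# Added example (not from the thread or from RogueKiller): re-check the registry
# values RogueKiller flagged as [PUM], and list scheduled tasks whose action path
# contains non-ASCII characters ([SUSP UNIC]) or points at a missing file ([x]).
# The full key paths below are assumed; the report only shows HKLM\[...]\System.

$PolicyKeys = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System',
    'HKLM:\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Policies\System'
)

# Expected values are the ones RogueKiller wrote back (the "REPLACED (n)" numbers).
$Checks = @()
foreach ($k in $PolicyKeys) {
    $Checks += @{ Key = $k; Name = 'EnableLUA';                  Expected = 1; Meaning = 'UAC enabled' }
    $Checks += @{ Key = $k; Name = 'ConsentPromptBehaviorAdmin'; Expected = 2; Meaning = 'admins prompted for consent, not silently elevated' }
}
$Checks += @{ Key = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced'
              Name = 'Start_TrackProgs'; Expected = 1; Meaning = 'Start menu records recently used programs' }
$DesktopIcons = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel'
$Checks += @{ Key = $DesktopIcons; Name = '{20D04FE0-3AEA-1069-A2D8-08002B30309D}'; Expected = 0; Meaning = 'Computer icon shown on desktop' }
$Checks += @{ Key = $DesktopIcons; Name = '{59031a47-3f72-44a7-89c5-5595fe6b30ee}'; Expected = 0; Meaning = 'user files icon shown on desktop' }

function Test-PumValues {
    foreach ($c in $Checks) {
        $item   = Get-ItemProperty -Path $c.Key -Name $c.Name -ErrorAction SilentlyContinue
        $actual = if ($item) { $item.($c.Name) } else { $null }
        # A value that is absent falls back to the Windows default, so it is not a deviation.
        if ($null -eq $actual)            { $status = 'ABSENT (default applies)' }
        elseif ($actual -eq $c.Expected)  { $status = 'OK' }
        else                              { $status = 'DEVIATES' }
        New-Object PSObject -Property @{
            Status = $status; Name = $c.Name; Actual = $actual
            Expected = $c.Expected; Meaning = $c.Meaning; Key = $c.Key
        }
    }
}

function Find-SuspiciousTasks {
    param([string]$TaskRoot = "$env:SystemRoot\System32\Tasks")
    # Each scheduled task is stored as an XML file under the Tasks folder (admin rights needed to read it).
    Get-ChildItem -Path $TaskRoot -Recurse -ErrorAction SilentlyContinue |
        Where-Object { -not $_.PSIsContainer } |
        ForEach-Object {
            try { [xml]$task = Get-Content -LiteralPath $_.FullName -ErrorAction Stop } catch { return }
            foreach ($exec in @($task.Task.Actions.Exec)) {
                $cmd = [string]$exec.Command
                if (-not $cmd) { continue }
                $path     = [Environment]::ExpandEnvironmentVariables($cmd.Trim('"'))
                $nonAscii = $cmd -match '[^\x00-\x7F]'          # what RogueKiller calls SUSP UNIC
                $missing  = -not (Test-Path -LiteralPath $path)  # what RogueKiller marks as [x]
                if ($nonAscii -or $missing) {
                    New-Object PSObject -Property @{
                        Task = $_.FullName.Substring($TaskRoot.Length)
                        NonAsciiPath = $nonAscii; TargetMissing = $missing; Command = $cmd
                    }
                }
            }
        }
}

Test-PumValues        | Format-Table Status, Name, Actual, Expected, Meaning -AutoSize
Find-SuspiciousTasks  | Format-Table Task, NonAsciiPath, TargetMissing, Command -AutoSize
```

    Run it from an elevated PowerShell prompt. A value that shows DEVIATES after RogueKiller has already replaced it is the interesting case: something on the machine is setting it back, which is a reason to provide the DDS and aswMBR logs the helpers ask for rather than to keep re-running the cleanup. A task flagged NonAsciiPath with a target that does exist deserves a look at the file before deleting the task.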

  2. #2
    Junior Member buttercream
    Join Date
    Dec 2013
    Posts
    3

    Sorry, here is the system info of the comp

    Sorry, here is the system info of the comp.

    systemsummery.jpg

  3. #3
    Junior Member buttercream
    Join Date
    Dec 2013
    Posts
    3

    One more thing re: the USB results

    I just noticed that I had a USB device plugged in and it showed up on the report - just ignore the RogueKiller results posted for the "PHYSICALDRIVE1 @ USB - VBTM Store 'n' Go USB Device" - also maybe check over the below report listed too, sorry for that.


  4. #4
    Member of Team Spybot tashi
    Join Date
    Oct 2005
    Location
    USA
    Posts
    30,964


    Hello buttercream,

    If you have an infected personal computer and wish to request assistance in this forum; the FAQ includes guidelines in post #1 and instructions in post #2 on how to provide the preliminary DDS and aswMBR logs used for analysis.

    http://forums.spybot.info/showthread.php?t=288

    You would need to start a new topic providing those logs only and a link back to this one.

    Best regards.
    Microsoft MVP Reconnect 2018-
    Windows Insider MVP 2016-2018
    Microsoft Consumer Security MVP 2006-2016
