Sophos Anti-Rootkit

  ExPara 10:42 07 Oct 2007
Locked

I run Sophos Anti-Rootkit on Windows XP. When I run the programme, I am given a list of hidden entries. Can any member tell me what the entries are and if they are detrimental to the working of my computer? The list of entries are here.

\HKEY_LOCAL_MACHINE\SOFTWARE\Broadcom\802.11\LWNUSER

\HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters\DhcpNameServer

\HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters\DhcpDomain

\HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters\Interfaces\{09A3ABCD-D2CB-4FFE-9C4B-29CB1696F0CD}\DhcpIPAddress

\HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters\Interfaces\{09A3ABCD-D2CB-4FFE-9C4B-29CB1696F0CD}\DhcpSubnetMask

\HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters\Interfaces\{09A3ABCD-D2CB-4FFE-9C4B-29CB1696F0CD}\DhcpSubnetMask

\HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters\Interfaces\{09A3ABCD-D2CB-4FFE-9C4B-29CB1696F0CD}\DhcpRetryStatus

\HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters\Interfaces\{09A3ABCD-D2CB-4FFE-9C4B-29CB1696F0CD}\DhcpNameServer

\HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters\Interfaces\{09A3ABCD-D2CB-4FFE-9C4B-29CB1696F0CD}\DhcpDomain

\HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters\Interfaces\{09A3ABCD-D2CB-4FFE-9C4B-29CB1696F0CD}\DhcpSubnetMaskOpt

\HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\{09A3ABCD-D2CB-4FFE-9C4B-29CB1696F0CD}\Parameters\Tcpip\DhcpSubnetMaskOpt

\HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\WWH7

  Batch 11:16 07 Oct 2007

Were you doing anything else on the PC at teh same time as running Sophos Anti-Rootkit?

I've found that it often throws up spurious items if it isn't run on its own.

  brundle 11:20 07 Oct 2007

The TCP/IP entries need looking at to verify them - they are standard registry keys, it's the content that needs investigating. They may have been modified by installed communications or modem driver software which sets up its own parameters.

  ExPara 15:24 07 Oct 2007

Thank you both for your replies. I have downloaded the latest version of Sophos Anti-Rootkit and performed a scan. The result showed "All Clear". What a relief!! Thanks again.

This thread is now locked and can not be replied to.

Elsewhere on IDG sites

Alienware 17 R4 2017 review

These brilliant Lego posters show just what children's imaginations are capable of

Mac power user tips and hidden tricks

Comment réinitialiser votre PC, ordinateur portable ou tablette Windows ?