Q's RE: RootkitRevealer Output: ...\Control\Motorola\PST\USBDriverVersionNumber

I have scanned my computer several times in recent weeks with RootkitRevealer and I usually see only the two following entries:

HKLM\SYSTEM\ControlSet002\Control\Motorola\PST\USBDriverVersionNumber 4/5/2005 4:22 AM 3 bytes Data mismatch between Windows API and raw hive data.
HKLM\SYSTEM\ControlSet003\Control\Motorola\PST\USBDriverVersionNumber 4/5/2005 4:22 AM 3 bytes Data mismatch between Windows API and raw hive data.

The contents of BOTH of the registry keys above are identical:

Name: (default) Type: REG_SZ Data: (value not set)

Name: USBDriverVersionNumber Type: REG_SZ Data: 1

Name: USBInterfaces Type: REG_SZ Data: Motorola_Flash

Name: USBSymbolicLinks Type: REG_SZ Data: \DosDevices\Motorola_Flash_P2K_Patriot_Motorola_Flash_00000000

I also have a HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Motorola\PST key with the same contents that does not get flagged by RR.

These appear to have been created around the time I purchased a USB data cable for my Motorola cell phone (around April 5).

I also tried an app (MyJal) around that time that allowed me to upload my own custom ring tones to the phone. I created a couple .wav files with GoldWave and put them on the phone.

Shortly after that, I became aware of an apparent bad reputation MyJal has with people who actively discuss the use of "WebJal" in their forums (another custom ring tone and wallpaper upload utility...that apparently requires an Internet connection when run). They talked so badly about MyJal that they even forbade any discussion of it in their forums.

I promptly uninstalled MyJal and deleted the custom ring tones I created and haven't messed with MyJal since (in fear that it may be a rogue/illegal app).

I want to be as certain as possible my computer is CLEAN of malware/pirateware.

I'm hoping these discrepancies reported by RR are just the result of bugs in legitimate Motorola USB drivers that I installed. (I don't remember for sure where I got the USB drivers from. I also don't know how to remove them, if necessary.)

• Is it possble that MyJal produced these discrepancies reported by RR?
  [*]If this info probably does not indicate "malware" issues, how may I safely edit my system so the RR Reported discrepancies no longer exist? (or should I just leave it alone?)

In Device Manager, I checked all USB controllers and all drivers there are either Microsoft or VIA Technologies.

I searched both my registry and hard drive for "Motorola_Flash_P2K_" and found no other locations for that string.

 

It appears to be just bugs in the driver files.

 

Hi, markp62.

Thanks for responding. I will leave the drivers alone for now and ignore the entries in my RR scans...unless I find suspect entries when running RR. It seems if RR detected a rootkit, there would usually be several suspect entries that would have discrepancies that would relate to other things than just version number info. I just wanted to be certain in this case.

Thanks again.