Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.


Messages - BaggotMaggot

Pages: [1]
1
RogueKiller / Re: Detecting Deleted File?
« on: May 08, 2021, 05:32:04 am »
Alright, thank you.

I should clarify just in case there's a case of any misunderstanding.

After I ran all the previous antiviruses that I mentioned,
I actually ran RogueKiller three times:
The first time I ran it, it detected System.exe, and I did nothing to it because I wanted to figure out where it was from. However, I could not find it's location at all in /temp/.
I ran it a second time, and RogueKiller detected it once again. I then deleted System.exe using RogueKiller.
I ran it one final third time, and this time it didn't detect anything.

After this is when I asked you guys for help.

I sent you logs for the 2nd time where I did infact delete it.

Sorry if there was any misunderstanding.

2
RogueKiller / Re: Detecting Deleted File?
« on: May 07, 2021, 03:54:05 am »
Hi, the website wouldn't let me send the .txt as an attachment because it was too large, so I zipped the .txt into a .7z. I hope you don't mind too much.

I also really appreciate the help!

3
RogueKiller / Re: Detecting Deleted File?
« on: May 05, 2021, 01:21:07 am »
SystemLook 30.07.11 by jpshortstuff
Log created at 19:20 on 04/05/2021 by AT_ST
Administrator - Elevation successful

========== file ==========

C:\Users\AT_ST\AppData\Local\Temp\System.exe - Unable to find/read file.

-= EOF =-

4
RogueKiller / Re: Detecting Deleted File?
« on: May 03, 2021, 11:08:36 pm »
and the delete report

5
RogueKiller / Re: Detecting Deleted File?
« on: May 03, 2021, 11:08:16 pm »
Hi, here's the scan report

6
RogueKiller / Detecting Deleted File?
« on: May 03, 2021, 12:49:04 pm »
Hi,

I've ran many anti-malware software like Hitman Pro, Malwarebytes, ESET, Windows Defender, and MSERT. A while ago I found a malware file called "System.exe" inside the Local/Temp folder and I deleted it.

Today, I ran RogueKiller and it detected that same "System.exe" file that I should've deleted a while ago. RogueKiller detected this, but when I tried actually finding it's file location manually, it was no where to be found. I've set my computer up so that I should be able to see all hidden files as well, so I shouldn't have been able to miss it. The other antiviruses I've ran didn't detect it a second time after I already deleted it so I think it should have already been dealt with. Any ideas if this is a false positive? For what it's worth, after I deleted the file using RogueKiller, when I ran it again, it didn't detect it.

To summarize in order of what I did:
I ran Hitman Pro, Malwarebytes, ESET, Windows Defender, and MSERT and it detected and deleted "System.exe" in Local/Temp/ (and I could actually locate and find this file).
I ran Hitman Pro, Malwarebytes, ESET, Windows Defender, and MSERT again, and nothing was detected.
A few week pass
I run the above again and nothing is detected once more.
I then ran RogueKiller, and it detected "System.exe", claiming that it was in Local/Temp/ like last time, but I could not find anything in local temp this time.

Do you guys have any ideas why RogueKiller detected an already-deleted file the first time? Was it perhaps a false positive? Thank you!

Pages: [1]