Messages - calamityjane

16
RogueKiller PREMIUM / Re: "Dangerous" objects in Services detection
« on: June 12, 2017, 07:35:31 pm »
Hi Curson,

I wanted to let you know that the false MalPE detections are totally gone, with your latest update.

However, I am still getting that icon in the notification area, lower left corner, that says "RogueKiller.exe corrupt file".

Specifically, this error first occurred with last week's update and is only present when downloading a new update.

I've included an attachment.

Regards,
cj

17
RogueKiller PREMIUM / Re: "Dangerous" objects in Services detection
« on: June 05, 2017, 09:29:58 pm »
Sorry Curson, I should have included more detail.

Please see attachments & let me know what else I can do.
cj

18
RogueKiller PREMIUM / Re: "Dangerous" objects in Services detection
« on: June 05, 2017, 07:04:21 pm »
Hi Curson,

I re-ran scan w/today's update.
I've included attachments showing:

1. Detections in "orange" zone (no red, this time)
(slightly different mix of detected objects)

2. Scan settings used

3. Notification bar on Windows
- Something odd I've never seen before, left of normal RK icon was "error" RK icon.
- Following RK update, when I put cursor over this yellow triangle error icon, it said "corrupted file".
- However, eventually, the error icon disappeared on its own.


If you want me to try anything else, just let me know.
Regards,
cj

19
RogueKiller PREMIUM / Re: "Dangerous" objects in Services detection
« on: June 02, 2017, 04:32:44 pm »
Absolutely.
I'll report back when I have the results next week.

Regards,
cj

20
RogueKiller PREMIUM / Re: "Dangerous" objects in Services detection
« on: June 01, 2017, 09:07:56 pm »
Hi Curson,

You said-
"A bug was detected.....when using MalPE analysis...."

However, I never used the MalPE option when I scanned.
I've included, again in attachment, what my settings were.

I did rescan, but only using "VirusTotal Analysis" option and NOT the MalPE analysis.
cj

21
RogueKiller PREMIUM / Re: "Dangerous" objects in Services detection
« on: June 01, 2017, 02:23:31 am »
OK,
If you are still awake, Curson, et al,

I've re-run RK with Virus Total analysis and included the image attachment-

Results: The same 4 "malware objects", as the previous ones listed.

Should I try to scan again and use the beta malPE analysis?
cj

ps- The only variable I can think of is today's scans are the first scans I've performed since your latest update.

22
RogueKiller PREMIUM / Re: "Dangerous" objects in Services detection
« on: June 01, 2017, 01:19:07 am »
I'm doing this right now.

Curiously, I had thought "Virus Total" was included as I have not changed any settings for a long time.

I will report back with updated scan results, asap.
cj

23
RogueKiller PREMIUM / Re: "Dangerous" objects in Services detection
« on: June 01, 2017, 12:58:48 am »
Hi Curson,

I'm grateful for your quick reply.
No, "VirusTotal Analysis" option was not ticked.

I've included a screen shot of the scan settings.
If there is anything different that you recommend I change the settings to, please advise.

I'm breathing easier now.
My regards to you.
cj

24
RogueKiller PREMIUM / "Dangerous" objects in Services detection
« on: May 31, 2017, 10:30:01 pm »
Before I spend a lot of time on this, could you kindly verify that these are not false positives?
This is the first time I have ever seen anything detected under the Services category.

They are in the enclosed attachment, and displayed in red zone saying they are dangerous and must be removed.

Many thanks.
cj

25
RogueKiller PREMIUM / Re: IAT Hooks legit?
« on: April 21, 2017, 05:41:57 pm »
Hello Curson, et al, Forum members,

Curson, you previously said, in above post,
"Yes, Chrome heavily relies on hooks to implement some features.
In the future, they will be recognized as legit and therefore not displayed anymore in RogueKiller reports."

I had similar experience but with one exception:

Only one hook specifically was detected by RK as a "positive" (highlighted in red), as opposed to all the other aforementioned hooks which were as you previously described (normal).

With the latest version upgrade, ALL the hooks have disappeared INCLUDING the one suspect hook that I've been attempting to isolate, prior to the version upgrade.

I saw this hook in RK V12.10.1.0 [Mar 20 2017] (Premium) and earlier.

Below is the suspect hook info that is no longer detected-

Detection   Type   Detour   Object              Hook
Hook.SSDT   SSDT   Inl      ZwDeleteAtom[119]   C:\Windows\System32\win32k.sys @ 0xffffffffab2b7f63

Nothing was documented under header, "Status".

Can I (hopefully) assume this was a false positive?
I cannot confirm any kind of infection other than this.

My PC is Windows Vista 32 bits.

Thanks for your assistance.
CJ

26
General Discussion / Cloudflare bleed
« on: March 01, 2017, 06:12:37 pm »
Hi Adlice team & forum,

I understand that Adlice hosting co. is CloudFlare.

I've been paying attention to latest breach and I'm wondering if it would be a good idea to reset my password on forum.adlice.com and/or ANY website which utilizes CloudFlare.

Per this article-
https://www.techdirt.com/articles/20170224/16145636783/just-to-be-safe-were-resetting-all-techdirt-passwords-response-to-cloudbleed.shtml

If you could address this issue and what diligent members should be doing (or not), I would be most grateful.

Kind regards,
CJ




27
Also, one more thing that is unrelated but worth mentioning-

Because I have not utilized the option of using this forum until today, I previously bookmarked this link in the event I would need to access the forum-

http://www.adlice.com/contact/

However, the provided hyperlinks on this page (listed twice) are no longer valid and need updating, as shown below:

"Malware Removal? Please use the forum [http://www.adlice.com/forum/]"

The hyperlink goes to this page-

"Error 404 Not Found"


28
Hello Curson and forum members,

I know just enough French to realize that this discussion probably applies to most forum members.

I also received a highly questionable private message which I did NOT reply to, as follows:

*************
"Subject: New Personal Message: Shock. Trump and Hilton in bed. See is not removed. "

"Reply to this Personal Message here: https://forum.adlice.com/index.php?action=pm;sa=send;f=inbox;pmsg=121;quote;u=9381 "

**************

Since my understanding of French is poor, I just wanted to make sure that this discussion is referring to this email that I received today.

Many thanks.
CJ

29
General Discussion / Re: Introduce yourself
« on: August 20, 2016, 12:50:36 am »
Hello Tigzy, Curson, and all.

Just upgraded to Premium after using free version for about a year.
Outstanding product!

But why the heck are you using Paypal??

It took me an hour with phone support to process my cc payment because PP says I "used up all my guest log-ins" and apparently I was "flagged".

They attempted to coerce (extort) me into registering with them.
(snowball's chance in hell)

My guest log-ins amount to less than 10 over 8 years approx.
What a nightmare.
I told PP supervisor I was going to report their obnoxious behavior to you (and the world) and you will not believe their response-
Supervisor says (and I quote)-
"No one is forcing Adlice to use PayPal" (!!)





