Adlice forum
Software feedback => RogueKiller => Topic started by: columbine on July 10, 2014, 09:37:46 AM
-
This is the first time that I have used Rogue Killer and need some advice on what things should be deleted. I have attached the scan log. Thank you for your help!
-
Hello
I'm concerned about this one:
[Shell.HJ] HKEY_LOCAL_MACHINE\RK_Software_ON_D_4B47\Microsoft\Windows NT\CurrentVersion\Winlogon | Shell : cmd.exe /k start cmd.exe -> FOUND
What is the operating system of the D: drive?
-
Hi,
The operating system is Windows Vista (6.0.6002 Service Pack 2) 32 bits version.
Thank you.
-
Ok, that's an unusual shell value, but it looks like it's not harmful.
If you don't have any problem, I'd not fix it.
-
I have several questions:
Is there anything listed in the scan log that you would recommend that I delete?
What is a PUM? How do I know if they are good or bad?
What are the two items listed under the Host tab?
All of the items that are listed under the Antirootkit are green. Does that mean they are all okay?
All of the items that are listed under the Web Browers tab are also green. Are these all okay?
I found a threat of Win32:Wysotot - D [Trj] and that is why I ran a scan with Rogue Killer.
Thank you for your help!
-
I definitely need to write a tutorial about that :/
For PUM, please refer to the FAQ: http://forum.adlice.com/index.php/topic,7.0.html
Items in the host tab are the hosts file content, please refer to the tutorial: http://www.adlice.com/softwares/roguekiller/roguekiller-official-tutorial/
For question about the colors, please it's also in the tutorial.
I found a threat of Win32:Wysotot - D [Trj] and that is why I ran a scan with Rogue Killer.
Well, if it found the threat (whatever it is), it probably removed it, right?
For PUM entries, they are not needed to be removed, DNS IP is fine.