Adlice forum

Software feedback => RogueKiller => Topic started by: cjojo22 on July 28, 2014, 11:12:40 AM

Title: analysis report
Post by: cjojo22 on July 28, 2014, 11:12:40 AM
Could someone help me analyze this report, please? I'm especially worried by the line "antirootkits"... Thanks

Title: Re: analysis report
Post by: Tigzy on July 28, 2014, 11:53:37 AM
Hello

Please avoid multi-layered attachments (image in a docx in a zip)... You have the text report, that's the best you can do.
Or, you could have put the image directly... Never mind.

From what I can see, all is Green, so nothing to worry about.

Title: Re: analysis report
Post by: cjojo22 on July 28, 2014, 02:17:41 PM
Sorry, I wanted to be precise  :) OK, so just to be sure, do you mean that the antirootkits found have been deleted? And thanks for your answer.

Title: Re: analysis report
Post by: Tigzy on July 28, 2014, 02:19:44 PM
No, it means it DOESN'T have to be removed.
They are here for information only. More generally, the antirootkit part is only informative. They're only flags.

- Green: hook is legit
- Orange: hook is potentially malware (meaning unknown)
- Red: hook is malware, or recognized as such.

Title: Re: analysis report
Post by: cjojo22 on July 28, 2014, 03:24:13 PM
I think I got it. It's useless to delete them, including the orange one. When I read what a rootkit is I was worried; I never installed this program! Thank you

Title: Re: analysis report
Post by: Tigzy on July 28, 2014, 06:00:10 PM
It's not necessarily a rootkit :)
It's just that it has been detected by the antirootkit module... I know it's a bit fuzzy :D

Read this: http://www.adlice.com/kernelmode-rootkits-part-3-kernel-filters/