Adlice forum
Software feedback => RogueKiller => Topic started by: Gianthamster88 on March 24, 2023, 03:15:10 AM
-
Recently had malware and reformated everything and reinstalled a fresh install.
Rogue killer has been giving Suspicious.Path warning a couple of times and I wanted to know if I should be concerned
I only get one at a time, these are from three seperate instances of it coming up. All other scanning programs come up clean:
************************* Registry *************************
>>>>>> O4 - Run
└── [Suspicious.Path (Potentially Malicious)] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce|8dcafa82-4886-49be-a9b4-424305f1d979 -- "C:\Users\HOMEUS~1\AppData\Local\Temp\{4fdacbad-6532-4d44-95a4-2c6d9375ddcd}\8dcafa82-4886-49be-a9b4-424305f1d979.cmd" -> Found
>>>>>> O4 - Run
└── [Suspicious.Path (Potentially Malicious)] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce|577617fe-95e3-4ce6-9acc-34d4bcd03156 -- "C:\Users\HOMEUS~1\AppData\Local\Temp\{025f019d-d4af-48e5-9d63-65428dfe6540}\577617fe-95e3-4ce6-9acc-34d4bcd03156.cmd" -> Found
>>>>>> O4 - Run
└── [Suspicious.Path (Potentially Malicious)] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce|48aa6ecc-d81b-4a34-9b5d-041c7dbdebe6 -- "C:\Users\HOMEUS~1\AppData\Local\Temp\{0fe05f71-bae2-4462-8b59-645a4a6a8bdd}\48aa6ecc-d81b-4a34-9b5d-041c7dbdebe6.cmd" -> Found
Thanks for the help and if there is a way to diagnose what this all means on my own I'd love to know. Thanks!
-
Hi Gianthamster88,
Welcome to Adlice.com Forum.
Could you please zip one of these CMD files and attach the archive with your next reply ?
Regards.
-
Thanks for the help. I attached the file. I think it showed up after I ran some scanners so maybe its scanner related?
-
Hi,
Likely a false positive.
Do you use a Kaspersky product ?
Regards.