Adlice forum

Software feedback => RogueKiller => Topic started by: nitrousable on May 11, 2015, 07:15:40 PM

Title: Please analyze my log
Post by: nitrousable on May 11, 2015, 07:15:40 PM

RogueKiller V10.6.3.0 (x64) [May 11 2015] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 8.1 (6.3.9200 ) 64 bits version
Started in : Normal mode
User : Alex [Administrator]
Started from : C:\Program Files\RogueKiller\RogueKiller.exe
Mode : Scan -- Date : 05/11/2015  19:11:38

¤¤¤ Processes : 0 ¤¤¤


¤¤¤ Registry : 2 ¤¤¤
[Orphan] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad | WebCheck : {E6FB5E20-DE35-11CF-9C87-00AA005127ED}  -> Found
[Orphan] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad | WebCheck : {E6FB5E20-DE35-11CF-9C87-00AA005127ED}  -> Found

¤¤¤ Tasks : 0 ¤¤¤

¤¤¤ Files : 0 ¤¤¤

¤¤¤ Hosts File : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Loaded) ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: SAMSUNG HD103SI +++++
--- User ---
[MBR] 37345cd71e41256344dce83f23e3d943
[BSP] d2c032d2125283caa119df8964ce8bd7 : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 350 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 718848 | Size: 923516 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
2 - [XXXXXX] EXTEN-LBA (0xf) [VISIBLE] Offset (sectors): 1892079616 | Size: 350 MB
3 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 1892796416 | Size: 29651 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK

Title: Re: Please analyze my log
Post by: Curson on May 11, 2015, 11:34:35 PM

Hi nitrousable,

Your report is clean.

Regards.

Title: Re: Please analyze my log
Post by: nitrousable on May 12, 2015, 10:34:14 AM

Quote from: Curson on May 11, 2015, 11:34:35 PM

Hi nitrousable,

Your report is clean.

Regards.

Thank you but what are these 2 entries?
[Orphan] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad | WebCheck : {E6FB5E20-DE35-11CF-9C87-00AA005127ED}  -> Found
[Orphan] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad | WebCheck : {E6FB5E20-DE35-11CF-9C87-00AA005127ED}  -> Found

I know this this is a part of a program WebChecker but I don't have it on my computer. These 2 entries along with the webcheck.dll randomly appeared yesterday. I checked the creation date to be doubly sure.

Title: Re: Please analyze my log
Post by: Curson on May 13, 2015, 11:09:03 AM

Hi nitrousable,

These entries are orphaned, which means that there is no file associated with thoses.
You can delete them if you want, but there is no impact to leave them unchanged.

Regards.