3
« on: February 25, 2018, 10:08:03 AM »
Hey Curson!
Thank you for welcoming me. I am just loving the Rogue Killer experience: GREAT PRODUCT and very friendly community. What can you ask more?
Sorry that I posted on the wrong place but I really did not know better. This might also not be the ideal spot as I bought a premium license (after testing and using Rogue Killer for a couple of weeks), my modest way of supporting Rogue Killer. If you have to move this thread, just move ahead, please. Next time I will know where to post.
Back to the problem at hands.
1) Previous to posting here I uninstalled MBAM and the RK detection went away. I installed again, and the detection came back. I have 2 other devices with MBAM installed as well (with all programs installed in the same disk this time) and RK never detected it as a problem, so I figured it was a false positive related to the program location on the hard drive. But nothing like the expert confirmation for some peace of mind. Thank you for that. Problem 1) solved.
2) The two PUM detections actually happened on a different device. This device is used by the kids, so it gathers all the worst crap you would expect from the internet. When I read the MBAM logs (also installed on this device) I will see several daily instances of different malware detections: Rootkit this, Rootkit that, lately some coin mining virus, etc....
In order to cope with it, I initially formatted this device, installed a couple of antivirus and created a VLAN on the home router specifically for this single device. I figured this would keep the (potential) infections under control and they would not spread to my main home network. Anyway, I am not a computer expert , just a hobbyist that likes tech and does not really know what he is doing 50% of the time, so I hope this is not a very bad configuration. I am open to much better suggestions on how to handle the kids (regularly infected) laptop.
To answer your question, yes this device had a vpn installed but then I removed it and formatted the hard disk. Since it is an hp laptop, the format is never total as the factory settings always remain untouched. I ran RK before and imediately after formatting (before installing anything except for Windows 10 and Rogue Killer). Both times it showed the same PUM detections.
Another strange fact is that I have the same vpn in the other two devices and none of those entries were detected after running RogueKiller on them.
I also ran another (free) RootKit detector and it detected malware on the device (previous to formatting, did not run those afterwards again).
The machine itself was EXTREMELY slow, before formatting and Norton scans actually removed the coin mining virus several times, so it was infected for sure.
Now (after the format) everything looks fine with that particular device, and I even reinstalled the vpn once again. However Rogue Killer keeps detecting those two entries.
Anyway, maybe I am being too paranoid if you say that both entries are legit and necessary to access the internet. I just find it strange that the other two (very clean) devices connected to the same home network, with the same vpn installed do not show any of those entries when I run RK on them.
I am not too concerned as it is a machine that gathers a ton of crap weekly and that I will format it every few months, but I would like to keep it under control and avoid some weird situation where a very sophisticated virus might manage to jump vpns to my main network: It seems highly unlikely, but weirder things have happened in the last 30 years in the computer world.
Hope you have a better picture of the situation now.
Thank you for your help.
Regards.