Recent Posts

RogueKiller PREMIUM / Re: False Positive
« Last post by mrmike570 on November 27, 2018, 04:28:07 pm »
Hello. I have attached the zip file as requested. Thank you for responding so quickly.
RogueKiller PREMIUM / Re: False Positive
« Last post by Curson on November 27, 2018, 04:14:35 pm »
Hi Michael,

Thanks for your feedback.
Could you please zip the file detected as EICAR (sfc.exe) and attach the archive with your next reply?

RogueKiller PREMIUM / False Positive
« Last post by mrmike570 on November 27, 2018, 01:41:28 pm »
Hello and Good Morning...
I recently installed a new antivirus called IMMUNET, believe it's new from Cisco Systems.
I ran a check this morning with RogueKiller and there was a hit for the following.

Process: [Test.EICAR (Malicious)] sfc.exe (3860) -- (Cisco Systems, Inc.) C:\Program Files\Immunet\6.2.0\sfc.exe -> Found

I do know EICAR is a test file; however, I'd like a second opinion. Thank you. Michael

I attached the text file also...for your perusal...
RogueKiller / Re: ===> False Positives <===
« Last post by Curson on November 25, 2018, 04:01:32 pm »
Hi SilenceEngaged,

Thanks for your feedback.
This is indeed a false positive. We will whitelist it as soon as possible.

RogueKiller / tinyBuild Launcher possible false-positives
« Last post by SilenceEngaged on November 25, 2018, 05:11:28 am »
I have stumbled upon a possible false positive when scanning with RogueKiller. It picks up two registry items from the tinyBuild Launcher, which is used to launch the PC game "Rapture Rejects". Attached is the TXT file from a RogueKiller Report...
Hello Curson,

Thank you very much for the detailed explanation. With that said, since reading your latest post I have done some digging and I may be onto something. With that said, there are two important things I left out of my OP (one intentionally, and one simply because my OP would have been very, very long had I not forced myself to come to a stopping point). I am currently typing you a PM which will contain the private information I intentionally left out of my OP, and after I send you the PM, I will go ahead and update this thread.

Please understand that I am not disregarding what you said about the ultimate remediation of everything that is on my systems (a bootkit in particular) generally being conducted on-site. In fact, I started to consider this to be the case myself a couple of months back; as in, this situation likely would not be able to be resolved remotely. However, considering there is so much that I left out of my OP and because of this there are still so many important factors you have no way of knowing, I'd like to run a few more of them by you (definitely not all of them, only the most important at this stage) and get your opinion before I go ahead and decide that my only option is hiring a specialist to handle this on-site (I hope you don't mind). If it does in fact end up coming down to me having to hire someone to fix everything on-site, I have no issue doing this. Lastly, I am positive that once you read these things I keep mentioning that I left out of my OP and am working on sending your way, I whole-heartedly feel my reasons for wanting to make sure that my only choice will ultimately come down to hiring a local specialist will become clear.

Thank you so much for the time and effort you have put into this. You, alone and single-handedly have helped me out more than anyone else, and more than you know and I cannot express how truly grateful I am.

I'll be in touch soon!  :)
Hi Hostn4me,

There is probably something going very wrong with your motherboard firmware, since the change of drive and the reinstallation of the system didn't resolve the issue.
A good approach would be to analyse the EFI of your computer and check for the presence of a bootkit. An offline analysis of the GPT of your drives may be worth a try, too.

However, such investigations are complicated and should usually be conducted on site. That's why I strongly advise you to contact an enterprise specialised in such investigations to help you solve this issue. I'm afraid there is nothing we can do to help you with this here at Adlice.

Hello Curson,

As fate would have it, the laptop from which the scan logs were generated and posted above in this thread crashed yesterday morning. This was before I was able to see or apply your fix. Furthermore, it not only crashed, the HDD was ruined (that's one more HDD that is gone due to this rootkit/malware). I could not reinstall Linux or Windows on it. I was able to replace the HDD within this laptop and I'm going to go ahead and put either Windows 7 or Windows 10 on it and considering it will still be infected, I will perform some more scans and post them. I plan to have this done ASAP.

If you have any suggestions, questions, or anything at all, please let me know.

Thanks for your patience and for your time.
RogueKiller / Re: ===> False Positives <===
« Last post by Curson on November 22, 2018, 07:43:38 pm »
Hi bloodfx,

You are very welcome.

RogueKiller / Re: ===> False Positives <===
« Last post by bloodfx on November 22, 2018, 07:22:37 pm »
Wow, that was fast. Great support, thanks :)