Author Topic: Please analyze scan log  (Read 6975 times)

0 Members and 1 Guest are viewing this topic.

July 10, 2014, 09:37:46 AM

columbine

  • Guest
Please analyze scan log
« on: July 10, 2014, 09:37:46 AM »
This is the first time that I have used Rogue Killer and need some advice on what things should be deleted.  I have attached the scan log.  Thank you for your help!

Reply #1July 10, 2014, 10:15:16 AM

Tigzy

  • Administrator
  • Hero Member

  • Offline
  • *****

  • 957
  • Reputation:
    91
  • Personal Text
    Owner, Adlice Software
    • View Profile
    • Adlice Software
Re: Please analyze scan log
« Reply #1 on: July 10, 2014, 10:15:16 AM »
Hello
I'm concerned about this one:

Quote
[Shell.HJ] HKEY_LOCAL_MACHINE\RK_Software_ON_D_4B47\Microsoft\Windows NT\CurrentVersion\Winlogon | Shell : cmd.exe /k start cmd.exe  -> FOUND

What is the operating system of the D: drive?

Reply #2July 10, 2014, 10:30:26 AM

columbine

  • Guest
Re: Please analyze scan log
« Reply #2 on: July 10, 2014, 10:30:26 AM »
Hi,

The operating system is Windows Vista (6.0.6002 Service Pack 2) 32 bits version.

Thank you.

Reply #3July 10, 2014, 10:34:41 AM

Tigzy

  • Administrator
  • Hero Member

  • Offline
  • *****

  • 957
  • Reputation:
    91
  • Personal Text
    Owner, Adlice Software
    • View Profile
    • Adlice Software
Re: Please analyze scan log
« Reply #3 on: July 10, 2014, 10:34:41 AM »
Ok, that's an unusual shell value, but it looks like it's not harmful.
If you don't have any problem, I'd not fix it.
« Last Edit: July 10, 2014, 01:43:40 PM by Tigzy »

Reply #4July 10, 2014, 10:50:10 AM

columbine

  • Guest
Re: Please analyze scan log
« Reply #4 on: July 10, 2014, 10:50:10 AM »
I have several questions:

Is there anything listed in the scan log that you would recommend that I delete?

What is a PUM? How do I know if they are good or bad?

What are the two items listed under the Host tab?

All of the items that are listed under the Antirootkit are green.  Does that mean they are all okay?

All of the items that are listed under the Web Browers tab are also green.  Are these all okay?

I found a threat of Win32:Wysotot - D [Trj] and that is why I ran a scan with Rogue Killer.

Thank you for your help!


Reply #5July 10, 2014, 01:46:18 PM

Tigzy

  • Administrator
  • Hero Member

  • Offline
  • *****

  • 957
  • Reputation:
    91
  • Personal Text
    Owner, Adlice Software
    • View Profile
    • Adlice Software
Re: Please analyze scan log
« Reply #5 on: July 10, 2014, 01:46:18 PM »
I definitely need to write a tutorial about that :/

For PUM, please refer to the FAQ: http://forum.adlice.com/index.php/topic,7.0.html
Items in the host tab are the hosts file content, please refer to the tutorial: http://www.adlice.com/softwares/roguekiller/roguekiller-official-tutorial/

For question about the colors, please it's also in the tutorial.

Quote
I found a threat of Win32:Wysotot - D [Trj] and that is why I ran a scan with Rogue Killer.
Well, if it found the threat (whatever it is), it probably removed it, right?


For PUM entries, they are not needed to be removed, DNS IP is fine.
« Last Edit: July 10, 2014, 01:48:31 PM by Tigzy »