Jump to content
KarenR

rogue.pallidium today jan 17

Recommended Posts

Bleeping computer has been helping me for other scare ware issues

I was clean yesterday

today at their advice to use SAS I did

a full scan

rogue.pallidium was found

I have no log

Bleeping computer wants me to re-scan

thinks is false pos

do I restore the infection (purported)??

and then re scan??

please advise

FREE Edition

many thanks

Share this post


Link to post
Share on other sites

Restore the file.

Then run SAS Update to obtain the latest core/trace definitions.

Rescan with SAS and then post a scan log so that we can see what file is being detected.

The scan log is found in SAS under Preferences>Statistics/Log tab. Just copy/paste the scan back here.

Share this post


Link to post
Share on other sites

Thank you !!!

RESTORED threat

UPDATED

NEW SCAN

SUPERAntiSpyware Scan Log

https://www.superantispyware.com

Generated 01/18/2011 at 07:00 AM

Application Version : 4.48.1000

Core Rules Database Version : 6223

Trace Rules Database Version: 4035

Scan type : Complete Scan

Total Scan Time : 00:37:48

Memory items scanned : 675

Memory threats detected : 0

Registry items scanned : 10229

Registry threats detected : 0

File items scanned : 28896

File threats detected : 0

**for your interest

HERE IS THE DAY BEFORE THE RESCAN AND UPDATE

SUPERAntiSpyware Scan Log

https://www.superantispyware.com

Generated 01/17/2011 at 08:03 AM

Application Version : 4.48.1000

Core Rules Database Version : 6139

Trace Rules Database Version: 3951

Scan type : Complete Scan

Total Scan Time : 00:38:35

Memory items scanned : 679

Memory threats detected : 0

Registry items scanned : 10227

Registry threats detected : 1

File items scanned : 28832

File threats detected : 0

Rogue.Pallidium

HKU\S-1-5-21-3886293462-2656852358-2641576973-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS#WARNONPOSTREDIRECT

Share this post


Link to post
Share on other sites

Go into IE's Tools-->Advanced and make sure "Warn if post submittal is redirected..." is checked. If not, check it off and click apply.

Close IE, release the reg key from SAS's quarantine, then restart the computer. Now update SAS and run the scan again. If the reg key re-appears, highlight it and click on "Trust Allow Item".

Share this post


Link to post
Share on other sites

thank you for help

not sure if you noticed I sent you 2 scans

I had a clean scan after I RESTORED the threat item

and after I updated SAS

the scan you may be refering your instructions is from the day before - log that found a threat

I included it for your interest to compare.

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.

×