Recent Posts

Pages: [1] 2 3 ... 10
RogueKiller / Re: Recurring Infection After Laptop Format
« Last post by Curson on Today at 01:43:41 pm »
Hi Bob,

Welcome to Forum.

Yes, RogueKiller is detecting MalwareBytes malware database.
This issue has been fixed when MBAM is installed on standard location but since you run it from the another drive, the detection is still present.

PUM stands for Potentially Unwanted Modification. In your case, thoses entries are perfectly legit and necessary to access Internet.
For more information, please refer to RogueKiller Documentation.

However, the network class of these address is not common. Do you use a VPN service ?


Note : This thread has been moved to the "RogueKiller" section for clarity.
RogueKiller / Recurring Infection After Laptop Format
« Last post by BobMorane on February 23, 2018, 11:21:36 am »
I am new to Rogue Killer and I am using it on 3 devices.
One seems clean. Two of them seem to have problems:

1) The scan detects Malwarebytes as Malware but I am guessing that is because I have Malware Bytes and Rogue Killer installed on different disks, and probably I should not be concerned.

2) The second detection looks like a more serious one.
The scan detects two instances of PUM:

[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters | DhcpNameServer : ([])  -> Found
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{1d22f487-b6aa-405e-b179-1ed50869d723} | DhcpNameServer : ([])  -> Found

I will then remove them with Rogue Killer, restart the machine, run Rogue Killer again and both instances are detected once again.

I even fully formatted the hard drive and installed everything again. The problem persists.
As this is an hp laptop with factory installed software, I am guessing that the infection is somewhere in that factory installed area that the new format will never erase.

I have Malwarebytes and Norton also installed and none of them detect anything.

Can you please give me some advice on how to proceed for removal?

Thank you.

Les comptes en doublon ne sont pas bien vus sur le forum.
Le compte "tftg_p2dt_ovodoi" est à présent désactivé.

Pour rappel :
Quote from: Curson
Au vu de ceci et de la totale désorganisation de vos propos, je ne peux qu'en déduire que vous êtes incapable de suivre des instructions / recevoir de l'aide via un forum.
Aussi, je vous demande instamment de plus ouvrir de nouveaux sujets / de poster des propos qui ne concernent pas directement les produits Adlice.

Meilleures salutations.
Malware removal help / Bureau/barre des taches/explorer freeze en sans echec
« Last post by tftg_p2dt_ovodoi on February 17, 2018, 02:17:03 pm »
Bonjour à tous,

Mon pc de bureau à le bureau/barre des taches/explorer qui freezent en mode sans-échec aussi bien qu'en mode normal,

Ci dessous les rapports rogue killer,  frst, addition et shortcut:

RogueKiller / Re: ===> False Positives <===
« Last post by Curson on February 10, 2018, 01:31:17 pm »
Hi Kylyx,

Thanks for your feedback again.
I'm sorry but these won't be whitelisted. Viewpoint Media Player is detected as PUP since it's often being installed without user consent and actively collect user data.

However, as a Premium user, you can manually whitelist it using RogueKiller External Scanner.

RogueKiller / Re: ===> False Positives <===
« Last post by Kylyx on February 10, 2018, 12:38:03 am »
Hi Kylyx,

We will whitelist Carbonite.
Waiting for the others.


Thanks! Here's the other AOL related items...

¤¤¤ Registry : 3 ¤¤¤
[PUP.Gen1] (X86) HKEY_LOCAL_MACHINE\Software\MetaStream -> Found
[PUP.Gen1] (X86) HKEY_LOCAL_MACHINE\Software\Viewpoint -> Found
[PUP.Gen1] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\ViewpointMediaPlayer -> Found

¤¤¤ Files : 3 ¤¤¤
[PUP.Gen1][Folder] C:\ProgramData\Viewpoint -> Found
[PUP.Gen1][Folder] C:\ProgramData\Viewpoint -> Found
[PUP.Gen1][Folder] C:\Program Files (x86)\Viewpoint -> Found
Malware removal help / Re: dwm.exe Proc.Injected
« Last post by Curson on February 05, 2018, 09:09:45 pm »
Hi khuntim,

Could you please attach RogueKiller JSON report with your next reply ?

Malware removal help / Re: dwm.exe Proc.Injected
« Last post by khuntim on February 05, 2018, 08:19:18 pm »
using and still get Proc.Injected C:\Windows\System32\dwm.exe on all my PCs?
Malware removal help / Re: Recurent threat.
« Last post by Curson on February 05, 2018, 02:15:14 pm »
Hi Ajohin,

You are very welcome.
Thanks for the kind words. :)

Malware removal help / Re: Recurent threat.
« Last post by Ajohin on February 05, 2018, 12:15:44 am »
Ok, again, my thanks for you, makin such a great job! :)
Pages: [1] 2 3 ... 10