Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

Messages - Curson

Pages: [1] 2 3 ... 143

ForceHide, Task2Run, VirusTotal Uploader et Log Analyzer sont obsolètes et plus aucun support ne sera apporté sur ces produits.

-Version installable, mise à jour auto & version premium
Ces fonctionnalités sont présentes dans tous nos produits actuels, à savoir RogueKiller, PEViewer, Diag et UCheck.

-LogAnalyzer Premium: possibiliter de créer automatiquement des scripts de désinfection
Une fonctionnalité similaire existe avec la Suppression Cloud (Diag).

-Nouvel habillage identique à UCheck 3 & Diag & RK 13 dans Adlice PE Viewer, VirusTotal Uploader & Log Analyzer
Ceci est prévu pour PEViewer.

Pour les questions concernant le rebranding, merci de passer directement par le formulaire de support du logiciel concerné.

Meilleures salutations.


Tous les produits Adlice orientés Desktop partagent à présent une interface similaire, de manière à améliorer l'expérience utilisateur.
Il est toujours possible de faire un rebranding des logos.

Yara Editor ne sera bientôt plus disponible en version Desktop, mais uniquement en version WEB.

Meilleures salutations.

RogueKiller PREMIUM / Re: Real Time Protection?
« on: January 11, 2019, 02:53:56 am »
Hi sambud,

Quote from: Curson
Has anyone else physical access to your computer ?

The file you attached is not the fixlog.txt file. Could you please attach it with your next reply ?


RogueKiller / Re: ===> False Positives <===
« on: January 10, 2019, 10:10:47 pm »
Bonjout Pierre,

Mais de rien.

RogueKiller PREMIUM / Re: Real Time Protection?
« on: January 08, 2019, 09:30:50 pm »
Hi sambud,

Where to find the fixlog.tx ?
It should be located on your desktop.

My theory the adversary poisoned the network and was able to install the keylogger, root kit programs and so whether there would be internet or not, device would be accessible.
Has anyone else physical access to your computer ? If not, it can't be accessed from remote if not connected to the network.
Besides, no rootkits are installed on your computer and FRST did not show the presence of keyloggers.

Then who is TrustedInstaller (see attached) who is preventing me from making or reverting app's changes back to default normal settings, and I'm not even the grandest admin, that account is higher than me as an admin.
Windows 10 changed the way permissions are granted and a "normal" Administrator account is limited. "Specials" accounts such as TrustedInstaller, SYSTEM, etc. are used to perform administrative tasks.

EDIT:  See I searched around[...]
It concerns Windows XP and as I said above, users management changed since then.

In addition, maybe this is what happened all the way before this all even got started[...]
It your computer was compromised this way, there will be a clue with the FRST reports. By the way, the "Open with Application Issue" problem reported by CCleaner is not malicious.


RogueKiller / Re: faux positif
« on: January 08, 2019, 09:08:02 pm »

Merci pour votre feedback.
Nous allons investiguer.

Meilleures salutations.

RogueKiller / Re: ===> False Positives <===
« on: January 08, 2019, 09:07:18 pm »
Bonjour Pierre,

Bonne année à toi aussi.
SlimWare a été racheté par AVG Technologies et possède donc maintenant un certificat AVG. Cependant, il est toujours considéré comme PUP par de nombreux éditeurs, ce n'est donc pas à proprement parlé un FP.

Je te conseille de le faire désinstaller.

Meilleures salutations.

RogueKiller PREMIUM / Re: Real Time Protection?
« on: January 06, 2019, 06:04:32 pm »
Hi sambud,

Could you please attach the fixlog.txt report with your next reply ?

Until the perpetrator changed the settings, now I can't even run the game.   It says "may not have the appropriate permissions to access the item."
Your system seems damaged.

Even when I am no longer connected to the internet, the adversary is able to remotely control my computer.
I'm sorry, but that's not possible.

How to REMOVE hidden user accounts in Windows 10??

I discovered this when I am trying to make changes in my system, and this account wasn't in my control panel  Users list, nor I created it.
There is only 1 account for this device.
There is five accounts registered on your computer :

Code: [Select]
Administrator (S-1-5-21-2967969622-1393707293-1905837764-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2967969622-1393707293-1905837764-503 - Limited - Disabled)
Guest (S-1-5-21-2967969622-1393707293-1905837764-501 - Limited - Disabled)
User (S-1-5-21-2967969622-1393707293-1905837764-1002 - Administrator - Enabled) => C:\Users\User
WDAGUtilityAccount (S-1-5-21-2967969622-1393707293-1905837764-504 - Limited - Disabled)

As you can see, only the "User" account is enabled and it's yours. Please don't try to delete it.


RogueKiller / Re: faux positif
« on: January 06, 2019, 05:56:47 pm »

Bienvenue sur le forum Adlice et merci pour votre feedback.
Pouvez-vous redémarrer votre machine, refaire un scan et vérifier si ces détections sont toujours présentes ?

Meilleures salutations.

RogueKiller PREMIUM / Re: Real Time Protection?
« on: January 04, 2019, 10:42:35 pm »
Hi sambud,

Please uninstall the following applications :
  • Spybot - Search & Destroy (outdated and may cause instability issues)
  • Super Seducer (infected cracked game)
  • Assassin’s Creed Odyssey (possibly infected cracked game)
You are using other cracked games that may contain malware. Please be aware of it.

Download attached fixlist.txt file and save it to the Desktop.
NOTE. It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system !

Run FRST and press the Fix button just once and wait.
If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
When finished FRST will generate a log on the Desktop (Fixlog.txt). Please attach it to your reply.

How is your computer running ?


UCheck / Re: Ucheck link wrong
« on: December 28, 2018, 07:08:37 pm »
Hi jmcgrat5,

Welcome to Forum.
This is likely a false positive. Please do a scan, go to the "Installed" tab, then filter by "libreoffice" keyword and do a screenshot of the results. Could you please attach this screenshot with your next reply ?


RogueKiller PREMIUM / Re: Real Time Protection?
« on: December 28, 2018, 06:35:46 pm »
Hi sambud,

Because remote hacker contacts me and lets me know in a sadistic manner that "I've been hacked"  "I'm getting hacked"  or that he's "hacking!" and after that continues to troll and actively mess around with my settings.
Interfering with what I'm doing, force restarting, crashing my apps, etc.  To avoid me finding fixes, IE:  updating the Windows 10 to the fullest version because I can't not being an admin.
Could you please send screenshots of these ?

Please download Farbar Recovery Scan Tool (x64) and save it to your Desktop.
  • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will produce a log called FRST.txt in the same directory the tool is run from.
  • Please attach log back here.
  • The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe). Please also attach that along with the FRST.txt into your reply.

RogueKiller PREMIUM / Re: Real Time Protection?
« on: December 26, 2018, 06:50:45 pm »
Hi sambud,

The causes of all these are mostly a damaged system. However, we are going to check your system for rootkits.
  • Please download TDSSKiller and save it to your Desktop.
  • Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.

  • Check Loaded Modules and Detect TDLFS file system
  • If you are asked to reboot because an "Extended Monitoring Driver is required" please click Reboot now.

  • Click Start Scan and allow the scan process to run.
    If threats are detected select Skip for all of them unless I instruct you otherwise.
  • Click Continue

  • Click Reboot computer
Please attach the contents of TDSSKiller.[Version]_[Date]_[Time]_log.txt found in your root directory (typically C:\) in your next reply.


RogueKiller PREMIUM / Re: Real Time Protection?
« on: December 25, 2018, 05:59:30 pm »
Hi sambud,

Your system is clean.

The [PUM.StartMenu] detection means that the value of a Registry key is not the default one, but it's not necessarily malicious.
In your case, App Launch Tracking is disabled (Start_TrackProgs value set to 0), it's legit.

Since, this is a Windows settings, the value is automatically restored on reboot, thus RogueKiller detecting it again.
Regarding Malwarebytes, it seems it detected someting on your system HOSTS file, but it was succesfully restored.


RogueKiller / Re: ===> False Positives <===
« on: December 25, 2018, 05:50:34 pm »
Hi Trombyl,

Welcome to Forum and thanks for your feedback.
This is indeed a false positive, most likely caused by an issue with RogueKiller latest version installer. We will investigate and fix this as soon as possible.


Pages: [1] 2 3 ... 143