Recent Posts

Pages: [1] 2 3 ... 10
1
RogueKiller / Detección muy vista
« Last post by Sergio on Today at 01:24:29 pm »
Suelo ver mucho Windows Security --> Malicious [PUP.gen1]. A que se debe este genérico?.
2
RogueKiller / Re: ===> False Positives <===
« Last post by welbot on Today at 03:44:52 am »
Hi,

Not sure if these have been reported yet, but I keep getting these 3 entries when I scan.

[PUM.StartMenu] (X64) HKEY_USERS\S-1-5-21-3591490448-2704826680-4139795447-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_TrackProgs : 0  -> Found
[PUM.StartMenu] (X86) HKEY_USERS\S-1-5-21-3591490448-2704826680-4139795447-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_TrackProgs : 0  -> Found
[PUP.Gen1][Folder] C:\Program Files\Windows Security -> Found

The first 2 I'm not 100% certain of their function, but at a guess, I think they're for placing recently used programs at the top of the start menu.
The 3rd entry has been confirmed as a new addition to version 1703 of Windows 10 by Microsoft. (The folder contains another folder called BrowserCore, and inside that is a BrowserCore.exe, a manifest.json file, and a folder named en-US.

Virus total scan of BrowserCore.exe found 0 reports of infection. (https://www.virustotal.com/en/file/9435f2f1d87523c13439887d0a76259cbb44dd6a37760fc353b7f1f023567160/analysis/1493256689/)
3
Hi Buckman,

You are welcome.

Regards.
4
Thanks for moving the post and the advice.
Yes the drive was configured to store temp data there because i didn't want it taking up space on the ssd.
once i ran the malwarebytes anti rook kit running it cleaned at lot of trojan files up and then I could then follow the remainder of your self help guide all the way to running malware bytes and adwcleaner 
I've got it figured out now thanks for the fast reply.
5
Hi Buckman,

Welcome to Adlice.com Forum and thanks for supporting our product.
How are your drives organised ? Is the system configured to store data on partition E ?

Please download Farbar Recovery Scan Tool (x64) and save it to your Desktop.
  • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will produce a log called FRST.txt in the same directory the tool is run from.
  • Please attach log back here.
  • The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe). Please also attach that along with the FRST.txt into your reply.
Please download SystemLook and save it to your desktop.
  • Double-click SystemLook.exe to run it.
  • Copy the content of the following codebox into the main textfield:
    Code: [Select]
    :dir
    E:\CATIA\license server /s /md5
    E:\temp files
    E:\temp files\tmp
    • Click the Look button to start the scan.
    • When finished, a notepad window will open with the results of the scan. Please attach this log in your next reply.
    Note: The log can also be found on your Desktop entitled SystemLook.txt

    Regards.

    Note : This thread has been moved to the "Malware removal help" section for clarity.
    6
    I got malware bytes anti rootkit beta running and it has identified at bunch of stuff once it finishes then ill post if i can get rkill and the rest to work.
    7
    I currently am unable to run programs like spybot search and destroy rkill.exe and most other forms of malware or virus removal programs due to requested resource is in use errors. i have run MSE and it picked up and cleaned a few thingsenought to get me to boot without safe mode but the only other software that i am able to run is  rougeKiller i have done 2 passes and it has made things betters but on the second pass it came up with a few errors went from over 200 hits to 45 but the dataup.exe is impossible to remove. i can rename folders but am unable to change permissions or details on folders that i don't recognize as software that I want.

    If I can get rkill.exe or iexplorer.exe to run then i think i can handle it from there.

    attached is the text log
    8
    Un peu rapé,

    Du coup sur tom's hardware, fei et sosvirus par ex., et depuis un an chercher et investiguer sur mes problèmes usb en question,

    Pour éviter de tout reinstaller un par un mes applications j'ai investi dans "silent install", "thinapp setup capture by vmware" et "cameyo", car les symlink manager genre steammover sont compliqués,

    Open-bar ici mes giveaways et skinpacks installés sur les 3 pc depuis noel

    Merci...
    9
    Bonjour,

    Sujets ouverts avec le pseudo "pro_rest" :
    Code: [Select]
    https://forum.nextinpact.com/topic/173372-impossible-t%C3%A9l%C3%A9charger-et-installer-framakey-asso-infect%C3%A9-par-searchgo123/
    https://www.aidoweb.com/forum/pro_rest-38740
    https://www.aidoweb.com/forum/windows-10-infecte-disque-reseau-38742
    https://www.aidoweb.com/forum/pc-2-infections-problemes-disques-usb-reseau-38744
    https://www.aidoweb.com/forum/remplacer-hitmanpro-kickstart-framakey-asso-desinfection-pc-1-bis-suite-searchgo123-chrome-38748
    http://www.geekstogo.com/forum/topic/367547-infections-on-two-computers-usb-problems/
    http://www.geekstogo.com/forum/topic/367623-french-topic-n-2-probleme-privileges-lancement-application/
    http://www.geekstogo.com/forum/topic/367615-frenche-topic-to-aura-topics-verouilles-sur-aidoweb/
    http://forum.zebulon.fr/probleme-avec-foxit-reader-t219445.html?p=1833739
    http://www.micro-astuce.com/Forum/remplacement-hitmanpro-kickstart-par-framakey-asso-t8059.html
    http://www.helpclic.net/forum/topic-48-pro-rest.html

    Pour rappel :
    Quote from: Curson
    Au vu de ceci et de la totale désorganisation de vos propos, je ne peux qu'en déduire que vous êtes incapable de suivre des instructions / recevoir de l'aide via un forum.
    Aussi, je vous demande instamment de plus ouvrir de nouveaux sujets / de poster des propos qui ne concernent pas directement les produits Adlice.

    Meilleures salutations.
    10
    Malware removal help / infecté par backdoor - désinstaller reimage repair
    « Last post by datwin-bordo on April 23, 2017, 12:47:44 pm »
    Bonjour à tous, sur d'autres forums je suis sous pro_rest, et malgré les restaurations vers les images systèmes du 5 février sur mon notebook via mon hdd externe de 3 to mypassport et macrium reflect, et de fin novembre/debut decembre via cyberlink power2go 11 boot environnement/mon hdd externe wd element de 900 Go, alors que ces restaurations jusqu'ici depuis decembre marchaient impec et je retrouvaais mes pc rapides sans restrictions/bugs respectivement depuis décembre/fevrier, mais la

    D'oû d'ailleurs il y à trois jours panne internet tout l'après midi sur tous mes appareils dont ma tablette, malgré les mentions "wifi/internet marche bien" sur android et mes pc,

    J'ai donc installe Freemake, Anvisoft Smart Defender, Reimage, Qone8, AVG

    Mais je suis infecté, les problèmes restrictions/disque réseau/avg secure search/advanced systemprotector/mpc cleaner et je veux virer cyberlink, bitdefender et freemake et je suis infecté par  freeven et reimage,  je ne veut pas changer le mot de passe du compte orange car mes parents risque pas être contents, et je souhaite supprimmer camtasia studio et daemon tools, et détails sur divers topics:
    http://www.geekstogo.com/forum/topic/367623-french-topic-n-2-probleme-privileges-lancement-application/
    http://www.helpclic.net/forum/topic-48-pro-rest.html

    J'ai télechargé spybot sur download.com

    Vous m'aidez ?
    Pages: [1] 2 3 ... 10