Adlice forum

General Category => Malware removal help => Topic started by: whitebro2 on September 26, 2019, 12:46:06 AM

Title: Error 5 on MalPE
Post by: whitebro2 on September 26, 2019, 12:46:06 AM
I got error 5 trying to remove cmdl32, UevAgentPolicyGenerator, and xpsrchvw.  Are those rootkits?
Title: Re: Error 5 on MalPE
Post by: Curson on September 26, 2019, 01:25:16 PM
Hi whitebro2,

Welcome to Adlice.com Forum.
No, these are not rootkits but they probably are protected by a malicious driver.

Please download Farbar Recovery Scan Tool (x64) (https://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/) and save it to your Desktop.
Regards.
Title: Re: Error 5 on MalPE
Post by: whitebro2 on September 26, 2019, 05:56:27 PM
Both are attached.
Title: Re: Error 5 on MalPE
Post by: Curson on September 27, 2019, 03:46:39 PM
Hi whitebro2,

Download attached fixlist.txt file and save it to the Desktop.
NOTE: It's important that both files, FRST and fixlist.txt, are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system!

Run FRST and press the Fix button just once and wait.
If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
When finished FRST will generate a log on the Desktop (Fixlog.txt). Please attach it to your reply. A zip archive with the naming format Date_Time.zip should also be there. Please attach it as well.

Regards.
Title: Re: Error 5 on MalPE
Post by: whitebro2 on September 27, 2019, 05:47:14 PM
Both are attached.
Title: Re: Error 5 on MalPE
Post by: Curson on September 28, 2019, 11:19:05 AM
Hi whitebro2,

Thanks for your feedback. Your computer is clean.
You have enabled the RogueKiller MalPE engine, which uses a predictive AI model. The engine is still in beta state and prone to false positive detections, like some files in your case.

For the time being, these files will continue to be detected, unless you disable MalPE. If you decide to continue to use it, please ignore these detections until we improve the AI.

Regards.