Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.


Messages - Curson

Pages: [1] 2 3 ... 122
1
RogueKiller / Re: Plantage Firefox Vers 52.4+envoi rapport impossible
« on: October 21, 2017, 11:15:59 pm »
Bonjour,

Heureux d'avoir pu vous aider.

Meilleures salutations.

2
RogueKiller / Re: Plantage Firefox Vers 52.4+envoi rapport impossible
« on: October 19, 2017, 10:59:42 pm »
Bonjour,

Merci pour votre feedback.
Quote
Apparemment il y a  3 objets  infectés. qui peut m'aider à  éradiquer  ces  3 éléments
Il s'agit de faux-positifs, vous pouvez les ignorer.

Quote
D'autres part j'ai vu avec Process explorer qu'un SVCHOST 1688 Generic Host Process for Win32 service, un fichier wuaueng.dll+0xa4f42 occupe le CPU a 17% à 20% , j'ai vu cela dans l'onglet Threads.
Cette DLL fait partie de Windows Update, votre ordinateur l'utilise pour installer des mises à jour. Par conséquent, la consommation de CPU est normale.

Meilleures salutations.

3
RogueKiller / Re: Roguekiller quits in the middle of a scan
« on: October 17, 2017, 06:30:20 pm »
Hi retractableawnings,

Thanks for your feedback. No, it won't be necessary for now. Please tell me if the issue occurs again and we will do it.
Yes, we are using Teamviewer for live session.

Regards.

4
RogueKiller / Re: Roguekiller quits in the middle of a scan
« on: October 17, 2017, 02:04:50 pm »
Hi retractableawnings,

Thanks for your feedback.
Would you agree to do a live session with us in order to retrieve more information about the issue ?

Regards.

5
RogueKiller / Re: Roguekiller quits in the middle of a scan
« on: October 16, 2017, 11:35:49 pm »
Hi retractableawnings,

This is quite unusual.
Could you please check the content of the following folder and attach the last modified file with your next reply ?
Quote
C:\ProgramData\RogueKiller\Logs
If the folder is empty, please tell me.

Regards.

6
RogueKiller / Re: Roguekiller quits in the middle of a scan
« on: October 16, 2017, 09:49:56 pm »
Hi retractableawnings,

Sure.
Go to the "History" tab, "Scan Reports" section. Double-click on the first report to open its instance, then hit the "Export JSON" button.
Give a name to the report and save the file on your desktop. Then, please upload it using the "Attachments and other options" on the message options.

Regards.

7
RogueKiller / Re: Roguekiller quits in the middle of a scan
« on: October 16, 2017, 07:41:32 pm »
Hi retractableawnings,

Welcome to Adlice.com Forum.
Could you please attach RogueKiller JSON report with your next reply ?

Regards.

8
RogueKiller / Re: [Mefysto] PUM récurrents détectés par Roguekiller
« on: October 15, 2017, 03:53:53 pm »
Bonjour,

La détection [PUM.StartMenu] signifie que la valeur d'une clé de Registre n'est pas la valeur par défaut, mais ce n'est pas nécessairement malicieux.
Dans votre cas, le suivi des applications lancées (App Launch Tracking) est désactivé (valeur de Start_TrackProgs à 0), c'est légitime.

Meilleures salutations.

9
MRF / Re: PE Data error
« on: October 12, 2017, 03:22:06 pm »
Hi plamentenev,

Thanks for your feedback. I'm glad I was able to help you.
Many thanks for the kind words, this is appreciated.

Regards.

10
MRF / Re: PE Data error
« on: October 12, 2017, 02:45:42 pm »
Hi plamentenev,

It seems there is an issue with some Python modules.
Could you please try the following command line ?
Code: [Select]
sudo apt-get --reinstall install python-pyasn1 python-pyasn1-modules
Regards.

11
MRF / Re: PE Data error
« on: October 12, 2017, 02:16:20 pm »
Hi plamentenev,

Could you please install the Future package and test if it solves the issue ?
Code: [Select]
pip install future
Regards.

12
MRF / Re: PE Data error
« on: October 12, 2017, 01:22:49 pm »
Hi plamentenev,

Welcome to Adlice.com Forum.
Could you please attach Apache logfile (last lines) in your next reply ?

Regards.

13
RogueKiller / Re: Allways the same PUM
« on: October 11, 2017, 01:58:19 pm »
Hi antianus,

The [PUM.StartMenu] detection means that the value of a Registry key is not the default one, but it's not necessarily malicious.
In your case, App Launch Tracking is disabled (Start_TrackProgs value set to 0), it's legit.

For more information, please refer to RogueKiller Documentation.

Regards.

Note : This thread has been moved to the "RogueKiller" section for clarity.

14
TaskSTRun / Re: Rootkit on my computer or false positive?
« on: October 10, 2017, 01:47:56 pm »
Hi antianus,

Welcome to Adlice.com Forum.
A red entry means that the specified driver is configured to be loaded early in Windows boot process. They are not malicious.

On a side note, TaskSTRun is not developped anymore so it may be possible that incorrect results are reported.

Regards.

15
RogueKiller / Re: Plantage Firefox Vers 52.4+envoi rapport impossible
« on: October 08, 2017, 10:46:46 pm »
Bonjour,

Merci pour le feedback.

Meilleures salutations.

Pages: [1] 2 3 ... 122