Help with this Hijack / reg infection

Hi everybody,

I'am in trouble with an infection from a infected installation (all files, archives, download... from this has been removed).

After cleaning all suspicious programs on my compture (with CCleaner), I have clean up all caches files and repair the registre with it.

In third I do scan and clean up with the lasted version of Malwarebytes ; ADWcleaner ; Rkill and UnHackMe. Juste Male...

AdwCleaner & suggests.go.mail.ru

dans AdwCleaner par tester99

AdwCleaner 7.1.1. I think this is a false alarm:

***** [ Firefox URLs ] *****
PUP.Optional.Legacy             suggests.go.mail.ru

"C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja"

mailru.xml

<!-- This Source Code Form is subject to the terms of the Mozilla Public
   - License, v. 2.0. If a copy of the MPL was not distributed with this
   - file, You can obtain one at http://mozilla...

Adwcleaner vs Malwarebytes

dans AdwCleaner par heinz1

Aftr installing a Printer Software Adwcleaner found an Adware.

Adware.FileTour           HKLM\Software\Wow6432Node\Installer

Malwarebytes says my System is clean ? Which Software can i trust ?

 

Re: Newest adw version detects world of warcraft beta as a threat and deletes the whole thing.

dans AdwCleaner par fleks717

edit: in case you deleted the folder via adwcleaner you have to restore it and then locate the folder so your battlenet knows where the files are. otherwise its gonna re download it all. just restored it now so yea now i just have to remember to not delete it again when using adwcleaner again x) also the new version fixed the false positive: greast and fast!

AdwCleaner 7.1.1 false positive with Vulkan

dans AdwCleaner par HiSpeed

Hi,

Probably a false positive:

# -------------------------------
# Malwarebytes AdwCleaner 7.1.1.0
# -------------------------------
# Build:    04-27-2018
# Database: 2018-04-30.1
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start:    04-30-2018
# Duration: 00:00:11
# OS:       Windows 7 Professional
# ...

Re: Fibril.exe

dans Rkill par Destrio5

C'est OK pour ça ;)

Juste cette extension sur Firefox qui est douteuse :

FF Extension: (Flash Video Downloader) - C:\Users\pstar\AppData\Roaming\Mozilla\Firefox\Profiles\sovl3vhv.default\Extensions\artur.dubovoy@gmail.com.xpi [2018-03-29]

Re: AdwCleaner 7.1.0.0.

dans AdwCleaner par Destrio5

Hi,

Malwarebytes must be able to delete it :

https://downloads.malwarebytes.com/file/mb3/

Re: Fibril.exe

dans Rkill par RiiNeYScOo

Merci enfait j'ai trouvé c'était une connerie dans le registre ( HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Winlogon/fibril.exe ) Je l'ai supprimé j'ai plus de soucis... Mais tiens si tu veux quand même jeter un oeil au cas ou =>

https://pjjoint.malekal.com/files.php?read=FRST_20180427_n5k15h5b9u13

 

https://pjjoint.malekal.com/files.php?read=20180427_p6c157u8i10  

Re: Mon pc est lent, amazon assistant auto-installe seule, mon pc se déconnecte seul de la wifi

Salut,

Ok. Mais je viens de scanner mon pc à nouveau avec adwcleaner qui l'a detecté et supprimé. Voici le rapport

Mais je viens de redemarrer google chrome, et bien amazon y est toujours. :-s

Dead Rising 3 softonic viruses

Dead Rising 3 softonic viruses

I used adwcleaner to clean these viruses but they just keep on returning after boot-up.

Here are the names:

-Registry- [-] Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wiz

-Web browser- [-] [utorrent.en.softonic.com] [Search Provider] Deleted: utorrent.en.softonic.com [-] [dead-rising-3.en.softonic.com] [Search Provider] Delet...