Re: ADWCleaner Kills Kaseya

dans AdwCleaner par Overkill

It looks like it was fine, however running ADWCleaner caused the PC to lock up entirely, requiring a hard reboot.

I have seen this happen when user folders such as Documents/Desktop are redirected to a server or DFS namespace, such as \\domain.local\users\username\desktop, but this person had no such redirect as they have no server.

They might have a mapped drive to their NAS, but no folder r...

Re: ADWCleaner Kills Kaseya

dans AdwCleaner par fr33tux

Hello,

@Overkill:

It should be better with the latest definitions. Can you confirm ?

Best regards,

Re: ADWCleaner Kills Kaseya

dans AdwCleaner par Overkill

Hi Xplode, sorry for dropping off the map like that. Life has been crazy.

Kaseya changed their paths; here's their current paths (I included our GUID, but other companies will have a different one):

C:\Program Files (x86)\Kaseya\KRNSNC47953309850771\AgentMon.exe
C:\Program Files (x86)\Kaseya\KRNSNC47953309850771\curl.exe
C:\Program Files (x86)\Kaseya\KRNSNC47953309850771\DLLRunner32.exe
C:\P...

Re: adware removal problem with adware cleaner tool

1) There should be only one antivirus program in system!

 2) I recommend to uninstall this:

Bitdefender 60-Second Virus Scanner, ESET Online Scanner v3, Malwarebytes Anti-Malware version 2.2.1.1043, SUPERAntiSpyware. Also there are drivers from McAfee. Them also should be cleaned.

Traces from whole bunch of antivirus tools, like UVK - Ultra Virus Killer, Zemana, RogueKiller, ZHPCleaner, Tre...

Re: adware removal problem with adware cleaner tool

dans AdwCleaner par regist

1) There should be only one antivirus program in system!

 2) I recommend to uninstall this:

Bitdefender 60-Second Virus Scanner, ESET Online Scanner v3, Malwarebytes Anti-Malware version 2.2.1.1043, SUPERAntiSpyware. Also there are drivers from McAfee. Them also should be cleaned.

Traces from whole bunch of antivirus tools, like UVK - Ultra Virus Killer, Zemana, RogueKiller, ZHPCleaner, Tren...

Re: kfakeonomonapccoamcmdgpoaicnpnoo

Alors oui, effectivement, j'ai désinstallé chrome et tous les composants "Google", vires tous les fichiers dans USER (C:\Users\Utilisateur\AppData\Local\Google), redémarre la bête, passe un p'tit coup de ccleaner, puis RogueKiller ... et normalement ...

Enfin, pour moi, ça a fonctionné comme ça ;-)

Et dis toi comme dans la pub "Je l'aurais une jor, je l'aurais !" LOL

Re: kfakeonomonapccoamcmdgpoaicnpnoo

dans Disinfection par ****

Salut FredAtWeb

Effectivement ... On a de drôe de nom ... J'ai essayé avec RogueKiller (Version gratuite) mais rien de mieux .

Toujours ces deux fichiers qui disparaissent avec un passage d'ADW mais reviennent !!!

Il va falloir peut etre me résoudre a supprimer Goggle Chrome ! Je ne vois pas d'autre possibilité .. pour le moment.

Merci de ton aide . Si tu as un autre tuyau n'hésites pas A b...

Re: kfakeonomonapccoamcmdgpoaicnpnoo

Bonjour hamrog (on a tous de drôle de nom quand même ! LOL)

Hé bien oui ! Figures-toi que j'ai testé autre chose ... Essaye RogueKiller, dans sa version gratuite ;-)

A bientôt 

Re: ADWcleaner whitelist request for remote access tool called...

dans AdwCleaner par SavaTom

Unfortunately it still gets killed. I suspect it is javaw.exe since the remote software program runs on Java

http://i.imgur.com/ImbkIiJ.png

javaw.exe shows up twice in the debug log but it is not whitelisted.

Appreciate your help

Re: ADWcleaner whitelist request for remote access tool called...

dans AdwCleaner par SavaTom

Thank you for taking the time to work with me on this. It is greatly appreciated.

In the debug log I see SimpleService.exe as a service being killed with no whitelist line under it but it appears that file isn't actually the file that keeps the remote session active anyways.

I manually killed the SimpleService.exe service and the remote session stays active with no problems.

Please see scree...