Re: Gismeteo add-on Firefox FP

Thanks, but I believe now there is a new FP:

Key Found: HKLM\SOFTWARE\Microsoft\DevDiv

I am not an expert, but I think this key is used to determine which version of Visual Studio is installed or something like that.

Re: Adwcleaner freeze when cleaning

# AdwCleaner v6.046 - Logfile created 14/05/2017 at 10:24:09
# Updated on 24/04/2017 by Malwarebytes
# Database : 2017-05-14.1 [Server]
# Operating System : Windows 7 Ultimate Service Pack 1 (X64)
# Username : iQuang - IQUANG-PC
# Running from : D:\Downloads\adwcleaner_6.046.exe
# Mode: Scan
# Support : https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services found....

Re: Malware or viruses?

Got the logfile

 

# AdwCleaner v6.046 - Logfile created 14/05/2017 at 11:13:11
# Updated on 24/04/2017 by Malwarebytes
# Database : 2017-05-13.1 [Server]
# Operating System : Windows 7 Home Premium Service Pack 1 (X64)
# Username : Användaren - ANVÄNDARENS
# Running from : C:\Users\Användaren\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\adwcleaner_6.046.exe
# Mode: Scan
# Support : h...

Re: ADWCleaner is "NOT Responding" when Clean option is selected.

ClearLNK tool repair link:

https://up2sha.re/file?f=zweH25orBsQ2

Also I fixed those things using HijackThis, didn't find any log file here.

IORRT.bat <- This I got from a torrent, it puts Office (I used it for PowerPoint) into a permanent trial so that I can get genuine updates from Microsoft even if I don't buy a licence!

The script had an uninstall option which I used and it said it was u...

Re: ADWCleaner is "NOT Responding" when Clean option is selected.

1) Is this file known to you?

C:\IORRT\IORRT.bat

There is nothing suspicious; please clean some traces.

2) Using the ClearLNK tool, repair the following links and attach the tool's report to your message.

C:\Users\Vaishnavi\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\9690809c1adfae92\user0 - Chrome.lnk
C:\Users\Vaishnavi\AppData\Roaming\Microsoft\Intern...

Re: Sqlite3.dll is corrupted or has been replaced

========================= SEAF 1.0.1.0 - C_XX
Commencé à: 20:22:49 le 20/04/2017
Valeur(s) recherchée(s):
sqlite3
Légende: TC => Date de création, TM => Date de modification, DA => Dernier accès
====== Fichier(s) ======
"C:\$Recycle.Bin\S-1-5-21-2930367514-3777244872-2332374691-1000\$R6Q2HH9\sqlite3.exe" [ ARCHIVE | 726 Ko ]
TC: 20/04/2017,19:...

Re: threat found: DrvAgent64.SYS - false positive?

Hello,

A PUP named DriverAgentPlus installs this file DRVAGENT64.SYS (DrvAgent32.sys on 32-bit Windows). VirusTotal link for the analysis of the installer:

https://www.virustotal.com/fr/file/244b50458be045ec3ca37760b5a053e63b9dcdf93fcf8dc3890f4085ec63d9d1/analysis/1492370289/

# AdwCleaner v6.045 - Rapport créé le 16/04/2017 à 20:03:02
# Mis à jour le 28/03/2017 par Malwarebytes
# Bas...

ENABLESHELLEXECUTEHOOKS

Hello everyone!

It seems I am infected again!!!

When I run a scan with adwcleaner, here is what it finds:

KEY : HKLM \SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER

Value : ENABLESHELLEXECUTEHOOKS

When I run a clean, I get a blue screen and my PC restarts:

You have always given good advice!

Hoping that you...

Re: ADWCleaner is "NOT Responding" when Clean option is selected.

I'm still having problems with Firefox, I think there's some URL malware that keeps infecting the shortcuts.

I uninstalled Firefox, deleted those folders causing problems ( C:\Users\Vaishnavi\AppData\Local\Firefox ) but still my shortcuts get infected with "www.qtipr.com". This doesn't just happen on startup. I have manually fixed the Target of the shortcuts but still after like an hour it gets...

Re: threat found: DrvAgent64.SYS - false positive?

# AdwCleaner v6.045 - Rapport créé le 15/04/2017 à 10:48:27
# Mis à jour le 28/03/2017 par Malwarebytes
# Base de données : 2017-04-14.1 [Serveur]
# Système d'exploitation : Windows 10 Home  (X64)
# Nom d'utilisateur : antoine - DESKTOP-AGA2HP0
# Exécuté depuis : C:\Users\antoi\Downloads\adwcleaner_6.045.exe
# Mode: Scan
# Support : https://www.malwarebytes.com/support

 

***** [ Services ] **...