Re: False positive?

Hello

I am also getting this error

# AdwCleaner v6.030 - Logfile created 28/11/2016 at 05:51:43 # Updated on 19/10/2016 by Malwarebytes # Database : 2016-11-28.1 [Server] # Operating System : Windows 7 Ultimate  (X64) # Username : Gamefan - Gamefan-PC # Running from : C:\Users\Gamefan\Desktop\adwcleaner_6.030.exe # Mode: Scan # Support : https://www.malwarebytes.com/support



***** [ Servic...

Re: False positive?

Greetings,

About KLM\SOFTWARE\CLASSES\APPID\{93469602-4134-4012-A6BC-3E73B9855F90}, this entry is related to a potentialy unwanted software (AuslogicsBoostSpeed).

About WinZip, it seems to come with nasty things (repack/bundle). Of course, we stands against such practices. We'll do some more research on that, I'll keep you informed.

Regards,


cocochepeau, 2016-11-28 08:52:31 (UTC)

I dont ...

Re: Ransomware .shit?

Hello, Pelle!

It's sad to say, but all versions of Locky ransomware, including .shit can't be decrypted. The only thing that you can do is to delete the virus from your PC and try to avoid the suchlike infection next time. Of course, you should keep the encrypted files somewhere, to be able to decrypt them when the decryption tool will be released. If you're interested in this - this article m...

Re: Can't delete UC Guard

Hello,

Thanks!

So, we'll remove the tools we've used:

  • Download DelFix from Xplode on your desktop;
  • Launch it with administrator rights;
  • Select all the option except the one proposing to save the registry;
  • Then click on the "Execute" button;
  • When everything is finish, the software will close itself;
  • Then a report appear on the notepad, please copy paste it's content in your answer.

Final...

Re: Can't delete UC Guard

Hello,

Fixlog:

Fix result of Farbar Recovery Scan Tool (x64) Version: 23-11-2016 Ran by M2-1900 (26-11-2016 08:42:31) Run:1 Running from C:\Users\M2-1900\Downloads Loaded Profiles: M2-1900 (Available Profiles: M2-1900) Boot Mode: Normal ==============================================

fixlist content: ***************** CloseProcesses: R1 UCGuard; C:\WINDOWS\System32\DRIVERS\ucguard.sys [81792 ...

Re: Can't delete UC Guard

Sorry, MBAM Scanlog (after restart)

Malwarebytes Anti-Malware www.malwarebytes.org

Scan Date: 25-Nov-16 Scan Time: 09:14 Logfile:  Administrator: Yes

Version: 2.2.1.1043 Malware Database: v2016.11.25.02 Rootkit Database: v2016.11.20.01 License: Trial Malware Protection: Enabled Malicious Website Protection: Enabled Self-protection: Disabled

OS: Windows 10 CPU: x64 File System: NTFS User: ...

Re: Can't delete UC Guard

Hello,

Can you share AdwCleaner logfile? (Usually from C;\AdwCleaner\AdwCleaner[Sxx].txt)

Then, use MBAM:

  • Please download MBAM: https://www.malwarebytes.com/mwb-download/thankyou/
  • On the Settings tab > Detection and Protection sub tab, Detection Options, tick the box "Scan for rootkits".
  • Under Non-Malware Protection sub tab Change PUP and PUM entries to Treat detections as Malware
  • Click o...

Re: WinZip - false positive?

Same here .. I deleted all Winzip folders - ran Adwcleaner - all OK. Re-installed Winzip Pro v21, and up popped the Winzip folders again. I then ran a full Malwarebytes scan, nothing. Then Nortons Antivirus .. nothing, then Microsoft's monthly malware application scan .. nothing. So, I'm not sure what's going on with Adwcleaner. And there's silence from Malwarebyte AntiExploit Premium.

Re: Dangerous?

Hello,

Thanks!

Please do the following:

  1. Download CCleaner from here, and install it.
  2. Start CCleaner (there should be a shortcut on your Desktop)
  3. Go in Options tab > Advanced, untick Only delete Windows temporary files older than 24 hours.
  4. Then in Options  tab > Surveillance, untick the both boxes.
  5. In the Clean tab, click on "Clean".
  6. When the cleaning is done, go in the "Registry" tab, c...

Re: Dangerous?

# AdwCleaner v6.030 - Logfile created 21/11/2016 at 18:59:50 # Updated on 19/10/2016 by Malwarebytes # Database : 2016-11-20.1 [Server] # Operating System : Windows 7 Home Premium Service Pack 1 (X64) # Username : Användaren - ANVÄNDARENS # Running from : C:\Users\Användaren\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\adwcleaner_6.030.exe # Mode: Scan # Support : https://www.malwareb...