Hi everybody,
I'am in trouble with an infection from a infected installation (all files, archives, download... from this has been removed).
After cleaning all suspicious programs on my compture (with CCleaner), I have clean up all caches files and repair the registre with it.
In third I do scan and clean up with the lasted version of Malwarebytes ; ADWcleaner ; Rkill and UnHackMe. Juste Male...
AdwCleaner 7.1.1. I think this is a false alarm:
***** [ Firefox URLs ] *****
PUP.Optional.Legacy suggests.go.mail.ru"C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja"
mailru.xml
<!-- This Source Code Form is subject to the terms of the Mozilla Public
- License, v. 2.0. If a copy of the MPL was not distributed with this
- file, You can obtain one at http://mozilla...doublechecked too it goes likes this:
survey -> close browser -> run adwcleaner -> pups found -> dont repair -> open browser again AND delete cookies -> close browser -> run adw cleaner again -> no pups found - so 100% cookie related - probably just gathering personal data via those i would guess and making profit over those eventho they pay you for survey
Hi yankeelady2015, you simply did a miracle! I performed the scannow as requested 16 day ago (CBS log posted above, with repairs). I tested the pc at reboot for about 10 days....always perfect!!! Thanks this wonderful forum my 10-years-old pc seems now to be a brand new pc! boot process in 3 minutes (inclusive antivirus) and zero hangs, zero BSOD: very good. I warmly warmly thank you a lot!!!! ...
Aftr installing a Printer Software Adwcleaner found an Adware.
Adware.FileTour HKLM\Software\Wow6432Node\Installer
Malwarebytes says my System is clean ? Which Software can i trust ?
edit: in case you deleted the folder via adwcleaner you have to restore it and then locate the folder so your battlenet knows where the files are. otherwise its gonna re download it all. just restored it now so yea now i just have to remember to not delete it again when using adwcleaner again x) also the new version fixed the false positive: greast and fast!
Hi,
Probably a false positive:
# -------------------------------
# Malwarebytes AdwCleaner 7.1.1.0
# -------------------------------
# Build: 04-27-2018
# Database: 2018-04-30.1
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 04-30-2018
# Duration: 00:00:11
# OS: Windows 7 Professional
# ...C'est OK pour ça ;)
Juste cette extension sur Firefox qui est douteuse :
FF Extension: (Flash Video Downloader) - C:\Users\pstar\AppData\Roaming\Mozilla\Firefox\Profiles\sovl3vhv.default\Extensions\artur.dubovoy@gmail.com.xpi [2018-03-29]
Merci enfait j'ai trouvé c'était une connerie dans le registre ( HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Winlogon/fibril.exe ) Je l'ai supprimé j'ai plus de soucis... Mais tiens si tu veux quand même jeter un oeil au cas ou =>
https://pjjoint.malekal.com/files.php?read=FRST_20180427_n5k15h5b9u13
https://pjjoint.malekal.com/files.php?read=20180427_p6c157u8i10
