LSArtem

Moderator

Posts posted by LSArtem


  1. 19 hours ago, olegas22 said:

    Greetings,

    As shown in the VirusTotal analysis below, your engine detected a false positive. You must be sharing detection rules among other smaller antivirus vendors. We are in the process of contacting others as well.

    https://www.virustotal.com/gui/file/a0ceb1dc9e247e4e812ad32de60bb0aa3dafe523aed4252c7a9ce240cf1a6f61/detection

    The file in question is attached; password: infected
    Your quick attention to the matter is appreciated.

    Olegas

    StripHT_in.zip 134.26 kB · 0 downloads

    Hello!

    Your file is not detected by Ad-Aware anymore due to the VirusTotal report https://www.virustotal.com/gui/file/a0ceb1dc9e247e4e812ad32de60bb0aa3dafe523aed4252c7a9ce240cf1a6f61/detection


  2. Hello! You can try changing the default search engine and resetting the browser's settings. In the Chrome browser, go to Menu -> Settings -> Search engine, or open the address chrome://settings/search, and select Google or another search engine as the default.


    Go to Advanced settings, choose the "Restore and clean up" tab, and select "Restore settings to their original defaults".


    If the same phishing warning appears again, we'll try to find a service that makes changes to Chrome.


  3. Hello @Skurcey

    I recommend you uninstall the existing version of Adaware. Do a full uninstall of CCleaner. Reset the DNS and DHCP server configuration to default. Download the latest version of Adaware from the site.

    Install it and try to update the definitions.

    Also, I wonder which option you checked: install as a second line of defence or as the first one?


  4. 24 minutes ago, jjpp said:

    how do we remove this  I never asked for? Lavasoft my

    Hello!  Do these steps first:

     

    Download FRST and save it to your desktop: https://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/

    Disable any script blocker (disabling your antivirus protection should be enough), and then double-click the FRST file to run the tool.
    Read the disclaimer and click Yes to accept it.
    Click the Scan button.

    • When done, FRST will create two (2) logs:
    • FRST.txt
    • Addition.txt
    • Attach those reports to your post.

  5. 52 minutes ago, hynesfamily123 said:

    This was done while I was playing a game. It just popped up on BitDefender telling me that they had deleted a file that was a Trojan: yet I have not noticed any ads or difficulties on my browsers, nor do I notice any missing files.

    There is the full scan it sent me in the image pinned below

    In order for me to send the file over, I have to restore it back to my computer: won't it attack my computer if I restore it, however? How am I able to send it over here without the restored Trojan doing damage?

    infectedfile.PNG

    If you don't see any annoying pop-ups or scams in your browser, there is nothing to worry about. The BD notification means that it found a web page in the Internet Explorer cache, and this file contains some part of a malicious script, so BD moves it to quarantine. So if you again visit some site with such a malicious web page, Bitdefender will lock and delete this file again.


  6. 5 hours ago, Jack said:

    Hello again,

    I apologise for my late reply. I followed the instructions above (fully removed all antiviruses, rebooted and installed adaware free with all definition updates and activated it).

    The scan showed no infections (all clean). I attach the files of the scan.

    Moreover, I also executed FRST64 file and attach the relevant files.

    Most likely it was a conflict between Panda and Adaware.

    Thank you again for your help and your patience,

    Jack

    adaware_Report_Full_Manual_30-4-2018 31554 μμ.xml

    Addition.txt

    FRST.txt

    scan.jpg

    Shortcut.txt

    Hello @Jack! 

    Glad to help you. Yes, it seems it was one of the antivirus components. If you have any other questions, please ask.

    Many thanks to @CeciliaB


  7. 3 hours ago, Jack said:

    Hello,

    I cannot attach Ccleaner64.exe because upload fails and a message appears ( There was a problem processing the uploaded file. -200 ). I have also tried to zip it for less space but to no avail.

    Could you please explain that CCleaner was compromised last year ?

    I have just uninstalled Microsoft Essentials. How do I uninstall Panda without losing the license information? (Thus I can install it again).

    I have emptied temp folder.

    Thank you for your response

    P.S. I could send the file via email. If this is safe and possible please provide with an email address.

    Thank you. 

     It seems your binary file of CCleaner is clean. 

     About CCleaner you can read a note here https://www.ccleaner.com/news/release-announcements/2017/9/18/security-notification-for-ccleaner-v5336162-and-ccleaner-cloud-v1073191-for-32-bit-windows-users

    Actually, I don't know how the Panda license works, but the normal way for AV vendors is to provide user accounts with licenses or to store the key in the system for reinstall purposes. Panda's account might be here: https://myaccount.pandasecurity.com

    Also, maybe this information can be useful for you: https://www.pandasecurity.com/usa/support/andnow/.   If you have an activation code, you can reinstall Panda without problems.

    Try to install the latest version of Adaware and do a new scan just to be sure that the problem was an AV conflict.


  8. Hello!  

    Adaware's scanner found some suspicious activity in your system memory.  The problem is that it couldn't be deleted or terminated because it is a part of some Process that was allowed to run by your system and all antiviruses. It can also be a part of Panda utilities. 

    I can't find any anomalies except two working antivirus services and a suspicious CCleaner64. CCleaner was compromised last year.

    First of all, please send us the binary file of CCleaner that is located here: "C:\Program Files (x86)\CCleaner\CCleaner64.exe".

    Clean your %Temp% folder (C:\Users\ADMINI~1\AppData\Local\Temp).

    So please try to uninstall all installed antivirus solutions (leave just the license information). Uninstall all utilities that were installed with the antivirus. Reboot your PC.

    After that you can try to reinstall AdAware and run a new scan.

     


  9. On 9/30/2017 at 10:15 AM, platitude said:

    Daily scan still finds a miner as a virus and removes it

    Hello! Please turn on AAW logging this way:

     logging.png

     

    After that, run the daily scan again and wait for the file detection.

    Change the folder view options in Windows Explorer to show hidden files. Find the Adaware log folder. It can be at one of these paths:

    %All Users%\adaware\adaware antivirus\

    %Program Data%\adaware\logs

    Please pack this folder and attach the archive to a post.