
Everything posted by Nicon

  1. Your permission buttons are disabled from what looks like Process Explorer. Let's start by rights? Ransomware enabled?
  2. So you are tracking locations?
  3. Why would the host file be of any relevance to software changes?
  4. Can you show me a screenshot of the installed directory?
  5. Just because you are on a 64x machine does not mean you shouldn't use 32x apps. VLC 32x performs better so I'm told than the 64x. I'm happy to go into 32x/64x architecture in software development but only if you are truly interested. I would personally run the 32x if I used VLC. As for the version issue can you show any proof? BTW does the updater auto update or did you tell it to update? There are no schoolboy mistakes here.
  6. You don't need to check the size, it's clearly a bug. One I can't imagine how it's produced. The string format changes while implementing the size. Almost as if two methods access the same column.
  7. My money is on Win Patrol. Remove it. Running x amount of tools does not mean you are not infected by malware. Not saying you are but you have not trained to analyze a system. Using registry cleaners is highly overrated and can be dangerous. Using a cleaner to remove obsolete, invalid, and erroneous entries does not affect system performance but it can result in "unpredictable results". Often. You have no reason to be doing this.
  8. Hello, firstly I cannot stress enough to remove that image as it contains emails. Some may be personal. The next is NOTHING other than the Windows built-in disc cleaner should attempt to remove these folders. Yes, it might take hours. The error is telling you to validate your Outlook Express account configuration. Specifically, click on the Tools menu in Outlook Express, then click on the Accounts menu. Finally, it is also possible that your mail server may simply be down. It does happen.
  9. Drive wipe

    Failing that, use WinDirStat to find the culprit folder. https://windirstat.net/
  10. Just looked at its source. It sets the file's attributes to normal then creates a new file in its place. No file is ever overwritten. The creator's idea of the Gutmann method (ignoring that it is 20 years old and pointless) is to use a for loop 35 times using an ineffective buffer. The code is utter garbage.
  11. If you forget to uncheck it then it's not the installer's fault. You can use Unchecky, which is for average users who are not careful about reading everything and accept all defaults when installing programs.
  12. Is life so dull you must be so negative on a forum that you have uninstalled its product? What are you wishing to achieve? I would assume all mods give up their free time to do the best they can. I tried to assist you the other day and you refused to listen point blank. The mods are doing the best they can, each likely with a different skill set. I'm a Malware analyst and my words fell on deaf ears when I tried to help you. I can only imagine what the volunteers have had to go through. This just seems like a personal attack on Members who give up their own free time. I think you should respect that a little more. Forum helpers take a lot of stick. We can't always be right. I retired from Malware help after 6 years of success, fun and rude comments. The person who got me into Malware was the Malware helper from this forum around 10 years ago. I don't know any of the mods here so, as you may put it, I am not "sticking up for them". I just want you to understand people who give their own free time do it for the simple reason they want to help. No one is perfect and there are better ways of raising a complaint.
  13. Please do not use System Mechanic. You should never use any Optimizer on your system. They cause more system damage than a lot of Malware and soon will be listed as such by Windows Defender. Having such a program installed on your system will just bloat it down and you have more chances to have issues. These types of software are advertised as a program that can solve all your issues, speed up your computer performance with a stupid figure. There is not a single program that can do that. You may be already in this mess because of simply clicking fix. The usefulness of cleaning the registry is highly overrated and can be dangerous. In most cases, using a cleaner to remove obsolete, invalid, and erroneous entries does not affect system performance but it can result in "unpredictable results". (miekiemoes' Blog) One suggestion is you may be infected with "Zero access rootkit" which, in turn, if you are messing with the registry, can hamper malware disinfection and make the removal process more difficult if your computer is infected. For example, removing malware related registry entries before the infection is properly identified can contribute to system instability and even make the malware undetectable to removal tools. I am not allowed to ask for logs here so if you please follow Geekstogo which is the school I trained at. You may not be infected. But without running a system analyst scan it's guessing in the dark.
  14. 6 months to a year and now you complain? Can you prove the transaction? Instead of an unsourced rant provide information, evidence and act like an adult.
  15. Have you checked the Windows Task Scheduler? Select the task and right click "Properties"; there should be a History tab. History will need to be enabled. This should be located on the right-hand side pane, "Enable All Tasks History". Assuming you are on Windows 10.
  16. I experienced the heartache of it earlier this evening. SHA-256 ea2b0fe19acc526f8c634fe933f63b7f2a1911a27a74dc2d87a5ea6ac4a8f2b3 https://www.virustotal.com/#/file/ba400d0cb1773f5476ab4c391222303c543d993468625b2769f12256d3aa9145/detection
  17. Good evening. This is going around in circles because you are not listening. How could 58 other engines be so wrong? Stop focusing on basic false positives. The engines on VT have minimal disassembling power, and VT does not execute the files for more comprehensive analyses. I have already covered Endgame's false positive so no need to go over old ground. ESET is clearly flagging the packed toolbar and states "potentially". Antiy Labs is/was a bit of a joke. It is such limitations VT engines have regarding disassembling that make the files extremely hard to read. Compressed and packed files, in particular, are often flagged as suspicious by VT. Considering heuristic analysis, AV engines have no way to determine the good or bad in a program based on certain methods, which therefore they may alert you of a dangerous nature. If a person has a firearm on them, who can accurately distinguish between good or bad intentions? So we simply flag the firearm.
  18. I have tried to decipher your question a number of times. At first, I was of the same opinion as Andavari complaining about uninstallers. Although it is not always the uninstaller's fault. That would require a whole different topic of discussion. But then you mentioned installed programs that you no longer use. That should be quite plain and simple why the data still exists. So this leaves the question of what actually are you asking for? To focus on your final paragraph, it would be absolutely impractical for CCleaner to make numerous requests to a search engine (that would be blocked as spam) to search for something it can't possibly comprehend. How could CCleaner suggest what programs to remove (ignoring I still don't know what you are asking for) based on users' opinions? Anyone can create a webpage that Google can index. There could never be such a "reasonable answer". CCleaner is not artificial intelligence. This is ignoring a socket request to the site is dependent on the site's own response time. To finalize, if (it never will be) the option was added, it would lead to a flood of threads complaining CCleaner removed something it should not have done. Only you and you alone can decide what you no longer need. There is absolutely no way to safely "rate" an application based on scraping a site of data.
  19. Good evening. In my previous post, I stated it was down to own lack of education. I guess I should have expanded more. You are not qualified to understand the VirusTotal report hence this outburst. And I mean that in a nice way. Being a community member does not make you a Malware expert. The graphs you are looking at are only there to help identify the relationship between files, URLs, domains and IPs. The file here, which is called the root node, has not been flagged, but the relationship with one of the above has been addressed. Any community investigation will be made public by the user unless set to private. It is nothing more than an attempt to generate a relationship between files and addresses. It is designed for investigators to share results with one another.
  20. Do you have Windows Defender Ransomware enabled to protect that folder?
  21. The latest version for Windows 7, 8 and 8.1: https://support.skype.com/en/faq/FA34841/updating-to-the-latest-version-of-skype
  22. Hello, I have just registered on the forum because of your concern. While I know it can be frustrating and confusing sometimes on the big world wide web, I think that it should also be noted it can sometimes be down to own lack of education. So please don't panic with VirusTotal's findings. VirusTotal is a very powerful tool. It is also a very confusing tool if you do not understand the basic mechanics of Security software and other tools such as VirusTotal. Moving on... I will focus on one example to keep it simple. If we take Endgame for example as the flagged AV vendor. The Engine on VT is a static ML (machine learning) module that does not use a database or heuristic scanning. The ML engine processes files on a point system. To make it simple let's say the engine scores a file 1 out of 10. This is called confidence scoring (I believe is the correct term). Here is the big catch. VirusTotal does not support confidence scores, so even a very low score will flag up as Malware. For programmers out there, a difference in score could be affected by the project being compiled in debug or release. Test it for yourself.