-
Posts
22 -
Joined
-
Last visited
Everything posted by kafpolo
-
It could be, but why until now? many months have passed since the instalation, I'm sure I downloaded it from the official website, and from all the EXEs the only one that I have installed in the past, was "μtorrent"
-
Ok, thanks to @itman @Nightowl and @Marcos for helping 👍
-
Before closing this I have just one more question, can this incident make BSOD error "pool_corruption"?
-
What should I do about this? how could this problem be solved? __ Is this because of a bloatware? if so, What bloatware?
-
-
In the IFEO there are only CFGOptions, MitigationOptions and DisableExceptionChainValidation. I don't think there are any suspicious .exes
-
I don't think that this apply in my case, I got my pc (which is an ASUS) 1 year ago
-
So, that means that my pc is clear of infection?
-
I moved them to the recycle bin and nothing happened after i turned on the pc. Then I accidentally moved some back to the omnisoft folder and they changed their name, with $ and random letters an numbers, why did this happened?
-
No, it doesn't apply, I haven't installed any hacktool for Windows.
-
I did this and used the avast boot-time tool, there were no detections. -- Does that means that there isn't an infection? If so, what do I have to do with the omnisoft files and folders? Do I have to make any other scans?
-
I will do it. Do you recommend to use Avast Boot-Time scan tool in addition to the Eset Costum scan?
-
But I uninstalled firefox and this remained, as I started the pc this program started opening pages in the malicious firefox.
-
Yes, but it does not open any pop up, it does not run and it does not appear in the Task Manager. Basically doesn't work at all.
-
So in the registry I could find only this HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FeatureUsage\AppSwitched :: {7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\Common Files\OmniSoft\update.exe HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store :: C:\Program Files (x86)\Common Files\OmniSoft\uninstall\helper.exe Then I used the "revouninstaller" tool but there wasn't anything related to the Malware
-
There is nothing related to the malware software at control panel. ------ Thanks, I will try this.
-
No it doesn't runs since I did that
-
not even when I restart the pc.
-
No detections... I created the Firewall rule, the alert and log, but 4 hours later it has not detected anything yet. --- Is ther anything that I can do to get rid of this malware?
-
Do I have to upload the .EXE or all the files that are in that folder?
-
Yes, in Digital Signatures it appears that it is signed by Mozilla, and compared to the original, it has exactly the same configurations.
-
At the beginning when the computer was turned on the program was automatically executed, the program uses many resources and can even crash the computer. I managed to disable its execution at startup, and after making an analisys the ESET antivirus did not detected the malware. So, I know the location of the executable "C:\Program Files (x86)\Common Files\OmniSoft" but I don't see how to uninstall this program, It is not at the contoll panel. having access to the location of the program folder, how can I uninstall it?