0 Members and 1 Guest are viewing this topic.
New logs, this time from my home computer. The program still creates Uninfector_Unknown.log file. As per the Uninfector.log, the program has deleted the Mail.ru Cloud software:Code: [Select]DELETED - C:\Program Files\Mail.Ru\Cloud\1e12-6569-80ae-eac5=deletedDELETED - C:\Program Files\Mail.Ru\Cloud\Cloud.exe=deletedDELETED - C:\Program Files\Mail.Ru\Cloud\Cloud.exe.old=deletedDELETED - C:\Program Files\Mail.Ru\Cloud\splash.bmp=deletedDELETED - C:\Program Files\Mail.Ru\Cloud\unins000.dat=deletedDELETED - C:\Program Files\Mail.Ru\Cloud\unins000.exe=deletedDELETED - C:\Users\Kvark\AppData\LocalLow\Mail.Ru\GoMailRu.ico=deletedThis is a cloud storage, a definitely legitimate software. This is obviously a bug! Your program shouldn't has deleted it.I tried to use Urestore.exe. It only offers to restore all deleted items, but doesn't allow to select what should be restored. This is a feature I'd like to see in your "To do" list.
As for Mail.ru... this is another company that has many bad practices. So unfortunately it is easy for their programs to be placed into cleanup programs to be removed. Although they may have some software that is good. They use bad marketing by creating a browser hijacker that gets installed with some of their software. Which causes people to seek out ways to remove it. Which in turn places their software into virus definitions. I wish I could just change the definitions to only remove the toolbar... but I can't find enough info online to validate whatever subfolders could possibly be in the mail.ru folder to know what is good and what is bad. Unfortunately at this time I have to leave the mail.ru in the definitions since most info I find about it is bad. I'm not seeing much good that comes from it at all. I don't mean to pry... but why do you choose to use software that has such a bad reputation? When most people are seeking ways to remove it why would you trust a company with such a poor reputation? Once I can find the info I need to be able to differentiate what is good and what is bad that is made by this company then I will update the definitions. But at this time I'm afraid it will have to stay.
No. Currently the db only searches for folders. Not individual files. So the only way hiderun.exe would be removed is if it is in the folder which is flagged for removal.
Please allow Uninfector.exe to update itself and test it again. Thanks!
So it is a lot of work.
0.1.1.6:Improved: Services scanning is much faster! Probably saves at least 30 seconds of time.Fixed: Uninfector.exe is compiled using a newer version of the scripting language, which fixed the odd errors that were reported. Which also seemed to have speed up the scan process as well.New: If an Uninfector.Defs file is present next to Uninfector.exe then the downloaded Uninfector.Defs file will now overwrite it so that Uninfector.Defs that users manually use are updated if they ever decide to Update through the program.Fix: When "UpdateDefs=N" in the config file, Uninfector failed to run. This is now fixed.New: File Scanning is now added. Specific areas of the System drive are now checked for specific files listed in the Defs. So if an infected file is found in places like the Windows directory, System32, Drivers, Root of the drive, AppData folders, and so on... they will be removed.New: Google Chrome Files are now processed and removed if listed in the Defs.New: Mozilla Firefox Files are now processed and removes if listed in the Defs.0.1.0.7:Fixed: Bug that was caused by an error that was given that crashed Uninfector while running within WinPE x64. The bug was caused by an internal Function of Autoit (_ArrayUnique). For some reason this function does not seem to work within the x64 WinPE in a x86 compiled autoit executable. Although it seems to work fine within Windows x86 and x64 just fine. I have removed this Function for now. It wasn't really needed anyways.0.1.0.4:Fixed: Bug posted by d4vr0s which was caused by my Folder Scanning code. Thanks for reporting d4vr0s!!0.1.0.2:Fixed: Numerous scan optimizations. Specific areas were not scanning properly.Change: Uninfector.ini is no longer used as the Definitions file. Now Uninfector.Defs is used.New: Update options are now built in. You will be prompted for a choice if you want to update Definitions and the Uninfector.exe. If you select the check box "Do not show again" then a Config.ini file is created next to Uninfector.exe and evry time Uninfector.exe is launched it gets the answers from the config file and no longer asks if you wish to update or not.New: New Command Line parameter for Updates... /UpdateDefs (Will update Definitions Only) /UpdateAll (Will Update Definitions and Uninfector.exe)0.0.9.2:Fixed: Typo in my Unicode change in the previous version which caused the db to become corrupt. Quickly fixed. Sorry if anyone downloaded the previous version for the 10 minutes it was online.0.0.9.1:Removed: Deleted Unicode items from the online database (Uninfector.ini) to keep the file size smaller. All Unicode items are kept internally inside of Uninfector.exe.0.0.9.0:Added: User Folder Quarantine Removal. (AppData)0.0.8.9:Fixed: WinPE Scanning was only scanning the HKLM64 portion of the registry on x64 Hives.Improved: Optimized Registry scan.Improved: Full scan is much faster! 1 minute and 15 seconds to completion on my most recent tests!!!Added: Folder/File Quarantine/Removal.Added: Shortcut Removal from Desktop, Start Menu and Quick Launch.0.0.7.9:Fixed - Quarantine Restore was restoring some Registry Key Values incorrectly.
im gettingLine 9247 (File "[drivepath]\Techware\Uninfector.exe):Error: Variable must be type "Object".uninfector v0.2.3.6 in win10pese