Jump to content

ItielMaN

Members
  • Content Count

    41
  • Joined

  • Last visited

Community Reputation

0 Neutral

About ItielMaN

  • Rank
    New Member

Recent Profile Visitors

1,651 profile views
  1. Okay then, I'm removing it. But remember, if something will go wrong, you owe me a beer!
  2. Even though it has what seems to be legit registry entries such as ToolboxBitmap32=C:\PROGRA~1\MICROS~3\Office12\OUTLOOK.EXE,5519, VersionIndependentProgID=Outlook.OlkTimeZone etc? I thought about removing the random junk in there manually. I won't notice as I don't use the desktop version of Outlook anymore. But I thought to report this so other users' Outlook won't get corrupted by this detection. Yes.
  3. I've just now tried scanning with the latest version 3.0.5 and it seems the issue is back. The key being targeted: Registry Key: 1 PUP.Optional.AdvancedSystemProtector, HKLM\SOFTWARE\CLASSES\CLSID\{B0F3F4F9-CB76-9A52-9442-B481A5FF49D3}, No Action By User, [348], [351523],1.0.791 The registry key is attached. I see some strange (what seems to be random) keys in it, not sure if that's related to the detection. Thanks. {B0F3F4F9-CB76-9A52-9442-B481A5FF49D3}.rar
  4. I can confirm this PUP is no longer detected in a new scan. Yes, a very long time ago. This topic can be closed if you have no more questions for me. Thank you
  5. I guess it would be possible to identify this item ({B0F3F4F9-CB76-9A52-9442-B481A5FF49D3}) as PUP only if does NOT contain the keys mentioned in my ZIP. Will re-scan and report back.
  6. Thanks. Also, note that one of the registry items that was detected in my report ({B0F3F4F9-CB76-9A52-9442-B481A5FF49D3}) matches the one that is pointed out in this article: https://www.symantec.com/security_response/writeup.jsp?docid=2015-071310-5228-99&tabid=2 Not sure if this article is wrong, or if this is a rare case where ASP has the same registry item as the Outlook's item.
  7. Hello, I wanted to test MBAM after upgrading it to v3 and made a scan. Some of the results are claiming some registry items are PUP.Optional.AdvancedSystemProtector, but infact they seem to be related to Microsoft Office Outlook Time Zone Control. I have Microsoft Office 2007 installed. Scan log, exported registry items and some files are attached in a zip (ignore the other items found in the scanlog). Note that I didn't scan with MBAM v2 perior to scanning with MBAM v3. Thanks. Items.zip
  8. Turns out, Windows 10 lacks full hebrew support (strange as Windows 7 was perfect from this perspective). Somehow I got a PC with a fresh-installed hebrew version of Windows 10 and it has the same issues mentioned in the first post. Thread can be closed here.
  9. Yeah, that's the first thing I checked. Hebrew is already the display language of Windows. Nothing else interesting there =\
  10. Hi fellas, So about 3 months ago I upgraded my Windows 7 to Windows 10, and now some system components reverted back to the english (was hebrew before). Windows 7 was originally english, and on top of that I installed a language pack. After the upgrade process I didn't do anything and Windows 10 was in hebrew, but not all of it (e.g. the entire window of regedit is in english, same for some elements in services.msc, devmgmt.msc ["Display adapters" and others]). Screenshot of what I mean by "some elements", in devmgmt.msc, is attached. I'm guessing this is becaus
  11. Meh, bummer. Ran TFC, rebooted, ran sfc /scannow, rebooted- the same.
  12. New progress: I can't see the 1969 but I can see 1.1.1970, 3AM. For example: I went to some if these locations and files and all of them have reasonable creation date (2004, 2008 etc).
  13. Hmm, didn't notice that before. I don't have access to this PC at the moment, I'll double check and will be back with answer. Yes, of course I have Windows XP CD but can't insert it to the CD drive remotely On second thought.. Tomorrow I'll see my friend in work. I'll give her the CD, after that I'll do the sfc. Please wait for my report. It might take 2 days or so. Thanks.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.