Jump to content

Not sure if a false positive pid.dll


Recommended Posts

  • Replies 56
  • Created
  • Last Reply

Top Posters In This Topic

On 11/16/2018 at 7:09 PM, concernedboi said:

Glad to hear this was a false positive. I deleted the files from quarantine in a state of panic... is this bad or will my system run fine?

In the future, I would highly recommend that you do not empty the quarantine folder for at least 48 hours. The files in quarantine cannot harm your computer

Edit. Please see this post for fixes.

 

Edited by shadowwar
sfc wont restore reg entries.
Link to post
Share on other sites

No you don't need that amount of spaces @concernedboi I put them in on purpose because I wanted to make sure you didn't miss them. The DOS box will ignore the extra white-space from the spaces but it has to have at least one space between the command and the switch

DIR /a c:\windows\SysWOW64\pid.dll

 You can also copy/paste that command too if you want.

Link to post
Share on other sites

Ok to sum up the fixes here:

First if you still have the items in quarantine then please restore them from malwarebytes quarantine. If you havent rebooted since detection you may have too to be able to restore them. If you no longer have them in quarantine then please proceed below.

 

This should be the easiest for most users:

  1. Select the Start  button, type control panel, and then choose it from the list of results.
  2. Enter recovery in the Control Panel search box.

image.png.7e15c4af5c499492bf247b0684b1f117.png

  1. Select Recovery > Open System Restore > Next.

image.png.a56faaeaffe222bd848bf92344cbe252.png

  1. Choose the most recent app, driver, or update on the list of results, and then select Scan for affected programs. You'll see list of items that will be deleted if you remove this restore point. If you're OK with the deletions, select Next > Finish. Or, if needed, select an earlier restore point before selecting Next > Finish.

Make sure to chose the most recent restore point right before the removal.

If you dont have the restore points then you can try this:

Download the attached pizfix.zip file to your desktop

Unzip the file to the desktop. It has to create a folder on the desktop called pidfix or this will not work.

two files will be inside.

inside the pidfix folder rightclick the fixme.bat and select from the menu run as administrator.

This will restore the registry entries and run sfc on just the file needed to restore.

 

 

 

 

pidfix.zip

Edited by shadowwar
Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    No registered users viewing this page.


Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.