Jump to content











Photo
* * * * * 2 votes

Techware Uninfector

adwcleaner registry cleanup virus malware security antivirus

  • Please log in to reply
89 replies to this topic

#51 d4vr0s

d4vr0s

    Member

  • Advanced user
  • 38 posts
  • Location:The greatest computer in the universe of time and space, designed by Deep Thought
  •  
    United States

Posted 28 October 2015 - 03:05 PM

Ran into the dreaded Variable must be type object.

This time it's Line 1977

Progress indicates: Scanning Folders: YSearchUtil

 

Uninfector.log

[Folders]
c:\ProgramData\Ask=Found

Uninfector_Unknown.log

[Suspicious Areas]
FOUND - AppInit_DLLs=C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
Edit 2015-10-29 -
Tried again this morning, error at line 943 now.
Uninfector Modified time 04:10 EST

Edited by d4vr0s, 29 October 2015 - 11:13 AM.


#52 Siginet

Siginet

    Frequent Member

  • .script developer
  • 154 posts
  •  
    United States

Posted 29 October 2015 - 05:29 PM

I have compiled a new version v0.1.0.9 that is auto updatable by using the internal update option in Uninfector.  It is the exact same code as v0.1.0.8 but it is using a different version of autoit.  Let's see if this fixes the bug you posted about.  You can download this version here:

 

http://Techware.net/.../Uninfector.exe

http://Techware.net/...Uninfector.Defs



#53 d4vr0s

d4vr0s

    Member

  • Advanced user
  • 38 posts
  • Location:The greatest computer in the universe of time and space, designed by Deep Thought
  •  
    United States

Posted 29 October 2015 - 09:48 PM

Just ran it, no errors to report. :)



#54 Siginet

Siginet

    Frequent Member

  • .script developer
  • 154 posts
  •  
    United States

Posted 30 October 2015 - 02:15 AM

Just ran it, no errors to report. :)

Thats great to hear!!! Awesome!  Hopefully that bug is finally squashed for good. :)



#55 wimb

wimb

    Gold Member

  • Developer
  • 2281 posts
  •  
    Netherlands

Posted 30 October 2015 - 06:11 AM

For version 0.1.0.9  the Scanspeed (especially for Services) is improved and is now less than 2 min, whereas for version 0.1.0.7 scanning took 3 min.


  • Siginet likes this

#56 pscEx

pscEx

    Platinum Member

  • Team Reboot
  • 12688 posts
  • Location:Korschenbroich, Germany
  • Interests:What somebody else cannot do.
  •  
    European Union

Posted 30 October 2015 - 12:04 PM

My test:

 

I created a Win7PE CD containing uninfector exe/defs 0.1.0.7 as downloaded from reboot.pro.

 

config.ini:

[Techware Uninfector Settings]
UpdateDefs=Y
UpdateExe=Y

I booted from this CD and run Uninfector:

It downloaded Uninfector.exe 0.1.0.9 (telling by dialog) and Uninfector.defs 0.1.0.9 (silently).

The downloaded .exe overwrote the current older version in the app directory, the .defs did not.

 

Scan was ok.

 

Test: Change config.ini "UpdateDefs=N" and started Uninfector (now 0.1.0.9) again. Nothing happened. IMO the Uninfector.defs of the app directory should have been used and a scan been started.

 

Peter



#57 Siginet

Siginet

    Frequent Member

  • .script developer
  • 154 posts
  •  
    United States

Posted 30 October 2015 - 07:10 PM

My test:

 

I created a Win7PE CD containing uninfector exe/defs 0.1.0.7 as downloaded from reboot.pro.

 

config.ini:

[Techware Uninfector Settings]
UpdateDefs=Y
UpdateExe=Y

I booted from this CD and run Uninfector:

It downloaded Uninfector.exe 0.1.0.9 (telling by dialog) and Uninfector.defs 0.1.0.9 (silently).

The downloaded .exe overwrote the current older version in the app directory, the .defs did not.

 

Scan was ok.

 

Test: Change config.ini "UpdateDefs=N" and started Uninfector (now 0.1.0.9) again. Nothing happened. IMO the Uninfector.defs of the app directory should have been used and a scan been started.

 

Peter

Offline Defs files are intended for manual use.  So Uninfector does not touch them.  What I can do is... if there is an Uninfector.Defs located next to Uninfector.exe .and the user does decide to use the built in Update feature, then the downloaded Uninfector.Defs that is  put in the temp directory will then be copied into the Uninfector script directory to overwrite the Uninfector.Defs file.  But if no Uninfector.Defs file exists in the Script directory then the Uninfector.Defs file is only downloaded into the temp directory.



#58 pscEx

pscEx

    Platinum Member

  • Team Reboot
  • 12688 posts
  • Location:Korschenbroich, Germany
  • Interests:What somebody else cannot do.
  •  
    European Union

Posted 30 October 2015 - 11:38 PM

I think that we do not understand us completelly.

 

Let me give a table how it could work in my opinion:

  • Uninfector.Defs not present in the script directory (near Uninfector.exe)
    • "UpdateDefs=Y" > download to %temp%, scan and delete after scan
    • "UpdateDefs=N" > automagically do as if "UpdateDefs=Y"
  • Uninfector.Defs present in the script directory (near Uninfector.exe)
    • "UpdateDefs=Y" > download to %temp%, scan and delete after scan
    • "UpdateDefs=N" > Copy from script directory to %temp%, scan and delete the copy after scan.

Peter



#59 Siginet

Siginet

    Frequent Member

  • .script developer
  • 154 posts
  •  
    United States

Posted 31 October 2015 - 01:01 AM

I think it would be better to always overwrite the Uninfector.Defs if it is present next to Uninfector.exe.  This way if someone does do an update it will update their Uninfector.Defs automatically no matter what. This way if they do not use the "Do not ask again" option they can choose to update when they want.


  • wimb likes this

#60 pscEx

pscEx

    Platinum Member

  • Team Reboot
  • 12688 posts
  • Location:Korschenbroich, Germany
  • Interests:What somebody else cannot do.
  •  
    European Union

Posted 31 October 2015 - 09:05 AM

I agree.

 

But the issue is then still:

With "UpdateDefs=N" and an actual defs near the exe, no scan is made.

 

Peter



#61 pscEx

pscEx

    Platinum Member

  • Team Reboot
  • 12688 posts
  • Location:Korschenbroich, Germany
  • Interests:What somebody else cannot do.
  •  
    European Union

Posted 31 October 2015 - 01:35 PM

Imagine:

You want to repair an infected system, where no networking is possible (maybe because of the virus).

 

Created Win7PE CD with uninfector folder containing latest files:

  • Uninfector.exe 0.1.1.1
  • Uninfector.defs 0.1.1.1
  • config.ini:
    [Techware Uninfector Settings]
    UpdateDefs=N
    UpdateExe=N
    

 

As far as I understood, should the booted Win7PE CD use the Uninfector.defs "next Uninfector.exe" and start a scan or show the selection menu resp.

But that does not happen: Starting Uninfector.exe shows no reaction.

 

So an infected system w/o working network currently cannot be repaired.

 

Peter



#62 Siginet

Siginet

    Frequent Member

  • .script developer
  • 154 posts
  •  
    United States

Posted 31 October 2015 - 03:31 PM

Ok. I will look into this behavior. It's supposed to not ask to update if Uninfector.Defs is found next to Uninfector.exe and UpdateDefs=N.But it should use the current Uninfector.Defs and scan the computer.

#63 Siginet

Siginet

    Frequent Member

  • .script developer
  • 154 posts
  •  
    United States

Posted 31 October 2015 - 07:30 PM

Imagine:

You want to repair an infected system, where no networking is possible (maybe because of the virus).

 

Created Win7PE CD with uninfector folder containing latest files:

  • Uninfector.exe 0.1.1.1
  • Uninfector.defs 0.1.1.1
  • config.ini:
    [Techware Uninfector Settings]
    UpdateDefs=N
    UpdateExe=N
    

 

As far as I understood, should the booted Win7PE CD use the Uninfector.defs "next Uninfector.exe" and start a scan or show the selection menu resp.

But that does not happen: Starting Uninfector.exe shows no reaction.

 

So an infected system w/o working network currently cannot be repaired.

 

Peter

I confirmed the bug and have fixed it. ;)

You can auto update to v0.1.1.2

 

I will update the zip here soon.  But I am getting ready to take my kids out for Halloween soon.  So I may not have time to update the zip today.

 

Other changes are that it now copies the new Uninfector.Defs to the script directory if an Uninfector.Defs exists.

 

Also... it now scans and deletes files in specific areas of the C Drive if found. For instance on the root of C, Inside Windows folder, system32, drivers, User AppData folders, Program Files and so on. ;)  I also added scanning and removing bad google extension files.

 

Uninfector is pretty much a full blown Cleanup tool now!  Not much more areas to add.  I still have some tweaking to do with the code...but all tests seem to be working very well!!!


  • pscEx and wimb like this

#64 pscEx

pscEx

    Platinum Member

  • Team Reboot
  • 12688 posts
  • Location:Korschenbroich, Germany
  • Interests:What somebody else cannot do.
  •  
    European Union

Posted 31 October 2015 - 08:48 PM

Thanks for the fix. Tomorrow i'll try.

 

Don't worry about time.

 

We are here working on a project not forced by a boss.

 

Peter :cheers:



#65 pscEx

pscEx

    Platinum Member

  • Team Reboot
  • 12688 posts
  • Location:Korschenbroich, Germany
  • Interests:What somebody else cannot do.
  •  
    European Union

Posted 01 November 2015 - 10:16 AM

Version 0.1.1.4 works as expected. :good:

 

Peter


  • wimb and Siginet like this

#66 wimb

wimb

    Gold Member

  • Developer
  • 2281 posts
  •  
    Netherlands

Posted 02 November 2015 - 02:43 PM

Version 0.1.1.5 was used to scan Win10 x64 system on drive E: (fresh installed) and C: (Updated from Win 8.1 x64).

 

Attached File  UnLogW2.7z   447bytes   3 downloads

 

Uninfector.log files are created for scanning both drives E: and C: as given in attachment.

 

Some Internet Explorer keys are DELETED by Uninfector, which probably belong to the Win10 x64 system !!

 

Old Uninfector.log file is deleted when reusing Unifector.exe, which has the disadvantage that you cannot read anymore the previous log file .... May be you can use date-time stamp in the log filename.

I took precautions and copied first the old log file in order to keep it, so that I can present it now here ....

 

:cheers:

 

 



#67 Siginet

Siginet

    Frequent Member

  • .script developer
  • 154 posts
  •  
    United States

Posted 02 November 2015 - 04:27 PM

I noticed a few things that were in the definitions last night and removed them. You must have downloaded the Defs file. Efore I removed them. I noticed it right away. So the bad Defs file was online for only 5 minutes. Please restore the quarantine and run Uninfector again. 

 

Another area you can look at where things are removed is C:\Uninfector\Quarantine.  In there you will see a file qRegistry.vir. This file holds all Registry items that are deleted.  This is so Uninfector has the ability to restore them if needed in the future.



#68 wimb

wimb

    Gold Member

  • Developer
  • 2281 posts
  •  
    Netherlands

Posted 02 November 2015 - 04:53 PM

Urestore.exe was used to restore the lost keys.

After Update of Uninfector.Defs, then running Uninfector.exe does not produce log file anymore for system on drive E: and C:

 

So everything is OK now for version 0.1.1.5 

 

:cheers:


  • Siginet likes this

#69 Siginet

Siginet

    Frequent Member

  • .script developer
  • 154 posts
  •  
    United States

Posted 03 November 2015 - 07:36 PM

v0.1.1.6 is attached now. :)

This is a pretty big update compared to the previous version that was attached.  You will notice a big jump in the version numbers.  That is since we were using internal releases in this support thread. ;)

 

As always... please continue to report on your use to let me know how well it works for you.

 

Thanks Everyone!!



#70 pscEx

pscEx

    Platinum Member

  • Team Reboot
  • 12688 posts
  • Location:Korschenbroich, Germany
  • Interests:What somebody else cannot do.
  •  
    European Union

Posted 03 November 2015 - 07:48 PM

Tomorrow! Here is now late enough!

 

Peter :cheers:


  • Siginet likes this

#71 wimb

wimb

    Gold Member

  • Developer
  • 2281 posts
  •  
    Netherlands

Posted 04 November 2015 - 07:17 AM

Version 0.1.1.8 was used in Win8.1SE x64 PE and in Win10 x64 OS to scan my two Win10 x64 drives E: (fresh installed) and C: (updated from 8.1).

 

There were no log files produced and scanning is indeed very fast in about 1 min  :1st:

 

:cheers:


  • Siginet likes this

#72 d4vr0s

d4vr0s

    Member

  • Advanced user
  • 38 posts
  • Location:The greatest computer in the universe of time and space, designed by Deep Thought
  •  
    United States

Posted 04 November 2015 - 09:04 PM

I used 0.1.1.8 today and got 'Variable used without being declared'

line 3665

Scanning .Default Registry: Toolbar

 

Edit:

This system has a damaged registry, I don't believe it was caused by Uninfector.



#73 Siginet

Siginet

    Frequent Member

  • .script developer
  • 154 posts
  •  
    United States

Posted 05 November 2015 - 05:28 AM

I used 0.1.1.8 today and got 'Variable used without being declared'
line 3665
Scanning .Default Registry: Toolbar
 
Edit:
This system has a damaged registry, I don't believe it was caused by Uninfector.


Hopefully it is not caused by Uninfector. I don't see any area of that portion of the code that could cause this error. That code hasn't change since pretty much the beginning. So we will have to see if anyone else comes across this issue. Thanks for reporting.

#74 d4vr0s

d4vr0s

    Member

  • Advanced user
  • 38 posts
  • Location:The greatest computer in the universe of time and space, designed by Deep Thought
  •  
    United States

Posted 05 November 2015 - 12:11 PM

The Software hive was corrupt, my SOP is to scan computers offline with eset, frst and now Uninfector before trying to boot them to windows. The symptoms the end user described are in line with a corrupt hive.

 

Still, you may want some mechanism to deal with un-mountable hives as this sort of thing will crop up again when scanning systems offline.  :dubbio:



#75 d4vr0s

d4vr0s

    Member

  • Advanced user
  • 38 posts
  • Location:The greatest computer in the universe of time and space, designed by Deep Thought
  •  
    United States

Posted 09 November 2015 - 04:54 PM

Another variable must be type object error:

Line 943







Also tagged with one or more of these keywords: adwcleaner, registry, cleanup, virus, malware, security, antivirus

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users