Are these keys FPs? Could someone verify this? Thank you.

# AdwCleaner 7.0.0.0 - Logfile created on Sun Jul 23 10:21:28 2017 # Updated on 2017/17/07 by Malwarebytes # Database: 07-16-2017.1 # Running on Windows 7 Home Premium (X86) # Mode: scan # Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

PUP.Optional.GameVance, [Key] - HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{02F0243C-2E71-4A1A-A790-6C30888119D0} PUP.Optional.GameVance, [Key] - HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{AEB04B5E-C981-47A9-B847-33EE4C92F6B9} PUP.Optional.Legacy, [Data] - HKCU\Software\Microsoft\Internet Explorer\Main | ImageStoreRandomFolder [mv9xu40] PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{A16C3C98-917D-4FAE-8656-A3DC6425045C} PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{6D7B211A-88EA-490C-BAB9-3600D8D7C503} PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{594BE7B2-23B0-4FAE-A2B9-0C21CC1417CE} PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{16A14962-7C7C-40DA-8F25-7F82C12F0208} PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{1E2851D2-B2CA-4140-8D0E-A8EABE3D4E48} PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{6323EB95-40E2-4B6E-90FC-B32D3F7A290C} PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{23C7E613-D0B3-422D-884C-2B6173435214} PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{A1078221-6B36-448E-B891-E44F2EBDD1BF} PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{E2B9134A-BAFF-487B-BEED-D2D5EC2D55FB} PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{F518811C-2A50-4843-B7CF-76F2E7057B51} PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{88A48E77-CA6D-42C0-A0C2-50837C3728E0} PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{9B596622-FDDA-4E28-97F8-998C522FA58E} PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{C462528A-E3B6-4FFB-B639-51EFBBB5B77D} PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{B7063D54-EC61-4F72-90F2-D821AF4BE179} PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{284171A7-2F20-7504-35E0-E1B6810714B8} PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{A3F28548-3C77-410A-96CC-141321825248} PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{0BFBB2F0-4BDA-4E8D-9EF4-A2358E9525ED} PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{401E5CE3-2E10-46DA-9073-7DB0CA9797B3} PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{026C0095-251A-42F0-A434-2BF6B824C12F} Adware.TabToolbar, [Key] - HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{2C78191B-C1ED-4141-ABF3-847BAB92727A}

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries.

*************************

C:/AdwCleaner/AdwCleaner[S0].txt - [1253 B] - [2017/7/17 13:30:14]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt ##########

 

Re: False positives?

Hello,

The database has been updated since. Do you use a proxy?

Re: False positives?

I don't, actually. But let me scan again.

UPDATE: Here is the new log.

# AdwCleaner 7.0.0.0 - Logfile created on Mon Jul 24 17:28:09 2017 # Updated on 2017/17/07 by Malwarebytes # Database: 07-24-2017.1 # Running on Windows 7 Home Premium (X86) # Mode: scan # Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

PUP.Optional.Legacy, [Data] - HKCU\Software\Microsoft\Internet Explorer\Main | ImageStoreRandomFolder [mv9xu40]

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries.

*************************

C:/AdwCleaner/AdwCleaner[S0].txt - [1253 B] - [2017/7/17 13:30:14] C:/AdwCleaner/AdwCleaner[S1].txt - [4027 B] - [2017/7/23 10:21:28]

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt ##########

 

Re: False positives?

I tried scanning again, and I got the first log's results again. So I tried re-downloading AdwCleaner and scanning again, and I got the second log's results. So I tried again with the old copy... and I got the second log's results.

What's going on...

Re: False positives?

Could be a delayed update. Sometimes, if you haven't restart your PC for long enough or have software in some specific environments, it can cause issues with the update. (Not sure or confirmed about this, just theorizing)

Re: False positives?

It's true I haven't restarted the PC since this whole thing started. Plus while I have IE installed I don't actually use it, not even browser helper objects or anything like that. Though I don't know if that counts for anything.

Re: False positives?

Hello,

Clovers: you may want to use this new 7.0.1.0 beta which should fix the issue: https://toolslib.net/downloads/viewdownload/1-adwcleaner/files/1021/

Best regards,

Re: False positives?

Beta version still detects the second result (as the regular version), as well as new entries...

Here's the log.

# AdwCleaner 7.0.1.0 - Logfile created on Fri Jul 28 06:51:31 2017 # Updated on 2017/05/08 by Malwarebytes # Database: 07-27-2017.2 # Running on Windows 7 Home Premium (X86) # Mode: scan # Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

PUP.Adware.Heuristic, C:\ProgramData\4690C72B-FD52-46BD-BB70-A7B9C359EFD3 PUP.Adware.Heuristic, C:\ProgramData\69B6DBD2-8E05-476F-B662-CF8D235FD499 PUP.Adware.Heuristic, C:\ProgramData\808E7E11-B8F8-4EE0-8929-9B241425315C PUP.Adware.Heuristic, C:\ProgramData\D81EDBF9-D167-4011-B77D-211DF920EB80 PUP.Adware.Heuristic, C:\ProgramData\FEA3F5DE-0F10-454D-B6C0-55E35B170A9D

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

PUP.Optional.Legacy, [Data] - HKCU\Software\Microsoft\Internet Explorer\Main | ImageStoreRandomFolder [mv9xu40]

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries.

*************************

C:/AdwCleaner/AdwCleaner[S0].txt - [1253 B] - [2017/7/17 13:30:14] C:/AdwCleaner/AdwCleaner[S1].txt - [4027 B] - [2017/7/23 10:21:28] C:/AdwCleaner/AdwCleaner[S2].txt - [1165 B] - [2017/7/24 17:28:9] C:/AdwCleaner/AdwCleaner[S3].txt - [4162 B] - [2017/7/25 17:57:45] C:/AdwCleaner/AdwCleaner[S4].txt - [1300 B] - [2017/7/25 18:3:6] C:/AdwCleaner/AdwCleaner[S5].txt - [1366 B] - [2017/7/25 18:7:8] C:/AdwCleaner/AdwCleaner[S6].txt - [1432 B] - [2017/7/28 6:40:27]

########## EOF - C:\AdwCleaner\AdwCleaner[S7].txt ##########

Re: False positives?

Hello,

Those are expected, you're all set!

Re: False positives?

They are now? Well, okay then.

Thank you for your help.

Re: False positives?

I have a doubt, if I run the program while being connected to the internet, it does not give me any detections, but if I run it without an internet connection, it recalls 260 detections, the same ones that the author of the post points out.

Re: False positives?

Do you have the latest version installed? Have you tried the newest beta update of AdwCleaner? Kind of curious how in this case internet is affecting scan results.

Re: False positives?

@Hijin25

Please download the new version (7.0.1.0), it is available here: https://toolslib.net/downloads/finish/1-adwcleaner/

Then, launch a new scan and copy/paste the results log in your next answer.

Thanks.

Re: False positives?

New version rolled in, and I rebooted as it was suggested to me... I still get these results.

# AdwCleaner 7.0.1.0 - Logfile created on Wed Aug 09 11:59:08 2017 # Updated on 2017/05/08 by Malwarebytes # Database: 08-09-2017.1 # Running on Windows 7 Home Premium (X86) # Mode: scan # Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

PUP.Adware.Heuristic, C:\ProgramData\4690C72B-FD52-46BD-BB70-A7B9C359EFD3

PUP.Adware.Heuristic, C:\ProgramData\69B6DBD2-8E05-476F-B662-CF8D235FD499

PUP.Adware.Heuristic, C:\ProgramData\808E7E11-B8F8-4EE0-8929-9B241425315C

PUP.Adware.Heuristic, C:\ProgramData\D81EDBF9-D167-4011-B77D-211DF920EB80

PUP.Adware.Heuristic, C:\ProgramData\FEA3F5DE-0F10-454D-B6C0-55E35B170A9D

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

PUP.Optional.Legacy, [Data] - HKCU\Software\Microsoft\Internet Explorer\Main | ImageStoreRandomFolder [mv9xu40]

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries.

*************************

C:/AdwCleaner/AdwCleaner[S0].txt - [1253 B] - [2017/7/17 13:30:14] C:/AdwCleaner/AdwCleaner[S10].txt - [2051 B] - [2017/7/31 11:25:35] C:/AdwCleaner/AdwCleaner[S11].txt - [4702 B] - [2017/8/2 16:38:46] C:/AdwCleaner/AdwCleaner[S12].txt - [4770 B] - [2017/8/3 17:25:58] C:/AdwCleaner/AdwCleaner[S13].txt - [2256 B] - [2017/8/3 20:43:24] C:/AdwCleaner/AdwCleaner[S14].txt - [2324 B] - [2017/8/8 2:27:31] C:/AdwCleaner/AdwCleaner[S1].txt - [4027 B] - [2017/7/23 10:21:28] C:/AdwCleaner/AdwCleaner[S2].txt - [1165 B] - [2017/7/24 17:28:9] C:/AdwCleaner/AdwCleaner[S3].txt - [4162 B] - [2017/7/25 17:57:45] C:/AdwCleaner/AdwCleaner[S4].txt - [1300 B] - [2017/7/25 18:3:6] C:/AdwCleaner/AdwCleaner[S5].txt - [1366 B] - [2017/7/25 18:7:8] C:/AdwCleaner/AdwCleaner[S6].txt - [1432 B] - [2017/7/28 6:40:27] C:/AdwCleaner/AdwCleaner[S7].txt - [1847 B] - [2017/7/28 6:51:31] C:/AdwCleaner/AdwCleaner[S8].txt - [1914 B] - [2017/7/28 23:35:14] C:/AdwCleaner/AdwCleaner[S9].txt - [4564 B] - [2017/7/31 11:21:41]

########## EOF - C:\AdwCleaner\AdwCleaner[S15].txt ##########

Re: False positives?

Here's the log... I still get that one PUP.Optional.Legacy result, dammit.

So it's really an infection after all?

# AdwCleaner 7.0.2.0 - Logfile created on Sun Aug 13 19:14:04 2017 # Updated on 2017/29/08 by Malwarebytes # Database: 08-11-2017.1 # Running on Windows 7 Home Premium (X86) # Mode: scan # Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

PUP.Optional.Legacy, [Data] - HKCU\Software\Microsoft\Internet Explorer\Main | ImageStoreRandomFolder [mv9xu40]

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries.

*************************

C:/AdwCleaner/AdwCleaner[S0].txt - [1253 B] - [2017/7/17 13:30:14] C:/AdwCleaner/AdwCleaner[S10].txt - [2051 B] - [2017/7/31 11:25:35] C:/AdwCleaner/AdwCleaner[S11].txt - [4702 B] - [2017/8/2 16:38:46] C:/AdwCleaner/AdwCleaner[S12].txt - [4770 B] - [2017/8/3 17:25:58] C:/AdwCleaner/AdwCleaner[S13].txt - [2256 B] - [2017/8/3 20:43:24] C:/AdwCleaner/AdwCleaner[S14].txt - [2324 B] - [2017/8/8 2:27:31] C:/AdwCleaner/AdwCleaner[S15].txt - [2391 B] - [2017/8/9 11:59:8] C:/AdwCleaner/AdwCleaner[S16].txt - [2458 B] - [2017/8/12 17:11:33] C:/AdwCleaner/AdwCleaner[S1].txt - [4027 B] - [2017/7/23 10:21:28] C:/AdwCleaner/AdwCleaner[S2].txt - [1165 B] - [2017/7/24 17:28:9] C:/AdwCleaner/AdwCleaner[S3].txt - [4162 B] - [2017/7/25 17:57:45] C:/AdwCleaner/AdwCleaner[S4].txt - [1300 B] - [2017/7/25 18:3:6] C:/AdwCleaner/AdwCleaner[S5].txt - [1366 B] - [2017/7/25 18:7:8] C:/AdwCleaner/AdwCleaner[S6].txt - [1432 B] - [2017/7/28 6:40:27] C:/AdwCleaner/AdwCleaner[S7].txt - [1847 B] - [2017/7/28 6:51:31] C:/AdwCleaner/AdwCleaner[S8].txt - [1914 B] - [2017/7/28 23:35:14] C:/AdwCleaner/AdwCleaner[S9].txt - [4564 B] - [2017/7/31 11:21:41]

########## EOF - C:\AdwCleaner\AdwCleaner[S17].txt ##########

Re: False positives?

Since PUP is a potentially unwanted software, it might not be an infection, just some rogue application running or installed on your PC. Do a thorough scan with Malwarebytes and see if it helps to deal with the issue. Also, you can try searching for the folder manually, as the path is listed and remove it that way. If you have issues, kill the process with the task manager and then remove it. 

Re: False positives?

I detected this in all my Pcs

# AdwCleaner 7.0.1.0 - Logfile created on Wed Aug 16 22:52:27 2017 # Updated on 2017/05/08 by Malwarebytes  # Database: 08-16-2017.2 # Running on Windows 7 Professional (X64) # Mode: scan # Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{B9507101-E464-4B3B-A4CB-291AAEDD94F2} PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{2316C625-B487-4410-A1A5-FF040B65245F} PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{D77AA852-DEF3-43CB-A3F5-BD679DE72F32} PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{F66C7EC4-63CC-4452-A8C9-5A2E898F8EFF} PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{F8698E62-9284-432A-9C62-C1293A2B1DD3}

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries.

*************************

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt ##########

Re: False positives?

Is your Windows copy legitimate? 

Re: False positives?

CloversHijin25, just wait for the answer from fr33tux or cocochepeau.