I have a couple of false positives to report that keep getting flagged, but shouldn't be.

1. Under Scheduled Tasks, RunAsStdUser Task is C:\Program Files\GPSoftware\Directory Opus\dopus.exe. This is a legit Directory Opus entry.

2. Under Shortcuts, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeraByte Unlimited\TeraByte OSD Tool Suite Pro\Ready To Run Scripts\INISTART - Reset Windows Startup.lnk. This is a legit Terabyte Image for Windows shortcut.

Re: - False Positives -

Hello,

Can you share the whole logfile please?

Regards,

Re: - False Positives -

# AdwCleaner v5.032 - Relatório criado 06/02/2016 às 12:58:17
# Atualizado 31/01/2016 por Xplode
# Banco de dados : 2016-02-05.1 [Servidor]
# Sistema operacional : Windows 8.1 Pro  (x86)
# Usuário : NEO - DESKTOP
# Executando de : C:\Users\NEO\Desktop\SEGURANÇA\adwcleaner_5.032.exe
# Opção : Limpar
# Apoio : http://toolslib.net/forum

***** [ Serviços ] *****

***** [ Pastas ] *****

[-] Pasta Excluído : C:\Users\NEO\AppData\Roaming\pptassist
[-] Pasta Excluído : C:\Users\Public\Documents\pc faster
[-] Pasta Excluído : C:\WINDOWS\system32\config\systemprofile\AppData\Roaming\CalendarTool

***** [ Arquivos ] *****

***** [ DLLs ] *****

***** [ Atalhos ] *****

***** [ Tarefas agendadas ] *****

***** [ Registro ] *****

***** [ Navegadores ] *****

*************************

:: Chaves "Tracing" excluídas
:: Configurações Winsock restauradas

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [913 bytes] ##########
# AdwCleaner v5.108 - Logfile created 31/03/2016 at 11:39:26
# Updated 30/03/2016 by Xplode
# Database : 2016-03-30.1 [Server]
# Operating system : Windows 8.1 Pro  (x86)
# Username : NEO - DESKTOP
# Running from : C:\Users\NEO\Desktop\SEGURANÇA\adwcleaner_5.108.exe
# Option : Clean
# Support : http://toolslib.net/forum

***** [ Services ] *****

[-] Service Deleted : YSearchUtilSvc

***** [ Folders ] *****

[-] Folder Deleted : C:\Users\NEO\AppData\Local\YSearchUtil
[-] Folder Deleted : C:\Users\NEO\AppData\Local\Google\Chrome\User Data\Default\Extensions\chphlpgkkbolifaimnlloiipkdnihall
[-] Folder Deleted : C:\Users\Public\Documents\pc faster
[-] Folder Deleted : C:\WINDOWS\system32\config\systemprofile\AppData\Local\YSearchUtil
[-] Folder Deleted : C:\WINDOWS\system32\config\systemprofile\AppData\Roaming\CalendarTool

***** [ Files ] *****

[-] File Deleted : C:\Users\NEO\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_chphlpgkkbolifaimnlloiipkdnihall_0.localstorage
[-] File Deleted : C:\Users\NEO\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_chphlpgkkbolifaimnlloiipkdnihall_0.localstorage-journal
[-] File Deleted : C:\Users\NEO\AppData\Roaming\Mozilla\Firefox\Profiles\35iy30rf.default\extensions\jid1-G80Ec8LLEbK5fQ@jetpack.xpi

***** [ DLLs ] *****

***** [ Shortcuts ] *****

***** [ Scheduled tasks ] *****

***** [ Registry ] *****

[#] Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\npdicihegicnhaangkdmcgbjceoemeoo
[#] Key Deleted : HKLM\SOFTWARE\actsys
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! SearchSet

***** [ Web browsers ] *****

[-] [C:\Users\NEO\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : chphlpgkkbolifaimnlloiipkdnihall
[-] [C:\Users\NEO\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : npdicihegicnhaangkdmcgbjceoemeoo

*************************

:: "Tracing" keys deleted
:: Winsock settings cleared

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [3109 bytes] - [06/02/2016 11:58:17]
C:\AdwCleaner\AdwCleaner[C2].txt - [14537 bytes] - [16/12/2015 14:33:15]
C:\AdwCleaner\AdwCleaner[C3].txt - [4745 bytes] - [16/12/2015 14:34:34]
C:\AdwCleaner\AdwCleaner[C4].txt - [4665 bytes] - [16/12/2015 14:54:40]
C:\AdwCleaner\AdwCleaner[C5].txt - [8425 bytes] - [16/12/2015 15:12:58]
C:\AdwCleaner\AdwCleaner[C6].txt - [4313 bytes] - [16/12/2015 18:24:25]
C:\AdwCleaner\AdwCleaner[S1].txt - [3854 bytes] - [06/02/2016 11:56:45]
C:\AdwCleaner\AdwCleaner[S2].txt - [13050 bytes] - [16/12/2015 14:32:04]
C:\AdwCleaner\AdwCleaner[S3].txt - [4917 bytes] - [16/12/2015 14:33:51]
C:\AdwCleaner\AdwCleaner[S4].txt - [4249 bytes] - [16/12/2015 14:53:44]
C:\AdwCleaner\AdwCleaner[S5].txt - [8221 bytes] - [16/12/2015 15:11:55]
C:\AdwCleaner\AdwCleaner[S6].txt - [4454 bytes] - [16/12/2015 18:22:59]
C:\AdwCleaner\AdwCleaner[S7].txt - [981 bytes] - [30/01/2016 10:02:31]

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [4059 bytes] ##########

 

Re: - False Positives -

# AdwCleaner v5.116 - Logfile created 09/05/2016 at 16:51:00
# Updated 09/05/2016 by Xplode
# Database : 2016-05-09.1 [Server]
# Operating system : Windows 10 Pro  (X64)
# Username : Admin - CORE-I7-950
# Running from : D:\Shared Folder\Egso\AdwCleaner v5.116 (09-05-2016)\adwcleaner_5.116.exe
# Option : Clean
# Support : http://toolslib.net/forum

***** [ Services ] *****

***** [ Folders ] *****

[-] Folder Deleted : C:\Users\Admin\AppData\Roaming\omniboxes
[-] Folder Deleted : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\5rxos1l0.default\extensions\deskCutv2@gmail.com

***** [ Files ] *****

[-] File Deleted : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\5rxos1l0.default\extensions\rssicon@jasnapaka.com.xpi
[-] File Deleted : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\5rxos1l0.default\invalidprefs.js
[-] File Deleted : C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_dgpdioedihjhncjafcpgbbjdpbbkikmi_0.localstorage
[-] File Deleted : C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage

***** [ DLLs ] *****

***** [ WMI ] *****

***** [ Shortcuts ] *****

[x] Shortcut Not Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeraByte Unlimited\TeraByte OSD Tool Suite Pro\Ready To Run Scripts\INISTART - Reset Windows Startup.lnk

***** [ Scheduled tasks ] *****

[x] Task Not Deleted : RunAsStdUser Task

***** [ Registry ] *****

[-] Key Deleted : HKLM\SOFTWARE\W3I
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EED0E3DC-8CCD-4E77-9C22-AD5FAB11B2CE}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.SSDP//uuid:af40adb4-cbae-407e-abcd-123456789abc

***** [ Web browsers ] *****

[-] [C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : omniboxes
[-] [C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Default_Search_Provider_Data] Deleted : hxxp://omniboxes.com/web?type=ds&ts=1451202989&z=20f7740c69eb02c973f8292gcz2w8g3oae7o1t7b5t&from=amt&uid=ocz-vertex2x3x5_ocz-iky89ir83120skx5&q={searchTerms}
[-] [C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : dgpdioedihjhncjafcpgbbjdpbbkikmi

*************************

:: "Tracing" keys deleted
:: Winsock settings cleared

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [2548 bytes] - [09/05/2016 16:51:00]
C:\AdwCleaner\AdwCleaner[S1].txt - [2832 bytes] - [09/05/2016 16:44:40]
C:\AdwCleaner\AdwCleaner[S6].txt - [2188 bytes] - [07/09/2015 09:38:57]
C:\AdwCleaner\AdwCleaner[S7].txt - [1971 bytes] - [13/11/2015 04:08:36]

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [2840 bytes] ##########

 

Re: - False Positives -

# AdwCleaner v5.116 - Logfile created 09/05/2016 at 10:55:11
# Updated 09/05/2016 by Xplode
# Database : 2016-05-09.1 [Local]
# Operating system : Windows 8.1 Pro  (X86)
# Username : NEO - DESKTOP
# Running from : C:\Users\NEO\Desktop\SEGURANÇA\adwcleaner_5.116.exe
# Option : Clean
# Support : http://toolslib.net/forum

***** [ Services ] *****

***** [ Folders ] *****

[-] Folder Deleted : C:\Users\Public\Documents\pc faster
[x] Folder Not Deleted : C:\WINDOWS\system32\config\systemprofile\AppData\Roaming\CalendarTool

***** [ Files ] *****

***** [ DLLs ] *****

***** [ WMI ] *****

***** [ Shortcuts ] *****

***** [ Scheduled tasks ] *****

***** [ Registry ] *****

[#] Key Deleted : HKLM\SOFTWARE\actsys

***** [ Web browsers ] *****

[x] [C:\Users\NEO\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Not Deleted : br.ask.com

*************************

:: "Tracing" keys deleted
:: Winsock settings cleared

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [5167 bytes] - [06/02/2016 11:58:17]
C:\AdwCleaner\AdwCleaner[C2].txt - [14537 bytes] - [16/12/2015 14:33:15]
C:\AdwCleaner\AdwCleaner[C3].txt - [4745 bytes] - [16/12/2015 14:34:34]
C:\AdwCleaner\AdwCleaner[C4].txt - [4665 bytes] - [16/12/2015 14:54:40]
C:\AdwCleaner\AdwCleaner[C5].txt - [8425 bytes] - [16/12/2015 15:12:58]
C:\AdwCleaner\AdwCleaner[C6].txt - [4313 bytes] - [16/12/2015 18:24:25]
C:\AdwCleaner\AdwCleaner[S1].txt - [5791 bytes] - [06/02/2016 11:56:45]
C:\AdwCleaner\AdwCleaner[S2].txt - [13050 bytes] - [16/12/2015 14:32:04]
C:\AdwCleaner\AdwCleaner[S3].txt - [4917 bytes] - [16/12/2015 14:33:51]
C:\AdwCleaner\AdwCleaner[S4].txt - [4249 bytes] - [16/12/2015 14:53:44]
C:\AdwCleaner\AdwCleaner[S5].txt - [8221 bytes] - [16/12/2015 15:11:55]
C:\AdwCleaner\AdwCleaner[S6].txt - [4454 bytes] - [16/12/2015 18:22:59]
C:\AdwCleaner\AdwCleaner[S7].txt - [981 bytes] - [30/01/2016 10:02:31]

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [6117 bytes] ##########

 

Re: - False Positives -

I don't know why everyone else is posting in this thread, but I have already posted my log. :)

Re: - False Positives -

@WALDIR,

Unless I did not understand something, can you please open a new thread with some explanations so we can help you further with your problem?

Thanks.

Re: - False Positives -

Hello,

@Dypsis,

The task has been removed from the database. The other entry is about an infected shortcut. If you select it, AdwCleaner will clean the shortcut but not delete it.

Regards,

Re: - False Positives -

Thanks Xplode.

The Directory Opus issue is now fixed. Thank you.

However, how is inistart.tbs going to start since AdwCleaner removed the inistart.tbs string at the end of the shortcut?

Before cleaning: "C:\Program Files (x86)\TeraByte Unlimited\TeraByte OSD Tool Suite Pro\win\tbosdtw.exe"

After cleaning: "C:\Program Files (x86)\TeraByte Unlimited\TeraByte OSD Tool Suite Pro\win\tbosdtw.exe" inistart.tbs

inistart.tbs is a valid file of Terabyte OSD Tool Suite, which is a component of Image for Windows.

Please read the changelog for Version 1.26 - Aug 3, 2010 for Terabyte OSD Tool Suite at the link below.

https://www.terabyteunlimited.com/upgradehist-tbosdt.htm

My apologies if I have missed the point. :)

Re: - False Positives -

Hello,

I see, AdwCleaner flagged the shortcut because of the string "istart" (which is related to an adware) inside "inistart.tbs". I fixed the detection and it should be ok now.

Regards,
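Added example, not part of the original thread and not AdwCleaner's code: a sketch of why a plain substring signature such as "istart" hits "inistart.tbs", next to a whole-token match on the shortcut's arguments that does not. Only the string "istart" and the tbosdtw.exe command line come from the thread; the function names, the hijacked-shortcut sample and the token rule are assumptions made for illustration.

```python
import re

# "istart" is the string named in the thread; the list itself is constructed.
SIGNATURES = ["istart"]

# Shortcut command lines (target + arguments). The first is the one quoted in
# the thread; the second is a constructed, defanged sample of a hijacked link.
LEGIT = (r'"C:\Program Files (x86)\TeraByte Unlimited\TeraByte OSD Tool Suite Pro'
         r'\win\tbosdtw.exe" inistart.tbs')
HIJACKED = r'"C:\Program Files\Browser\browser.exe" hxxp://istart.example/?type=sc'


def split_command(command_line):
    """Return (target, arguments) for a shortcut command line."""
    m = re.match(r'\s*"([^"]*)"\s*(.*)$', command_line)
    if m:
        return m.group(1), m.group(2)
    target, _, args = command_line.strip().partition(" ")
    return target, args


def naive_hits(command_line):
    """Substring match anywhere in the command line (produces the false positive)."""
    lowered = command_line.lower()
    return [s for s in SIGNATURES if s in lowered]


def token_hits(command_line):
    """Match a signature only when it is a whole token of the arguments."""
    _, args = split_command(command_line)
    tokens = set(re.split(r"[^a-z0-9]+", args.lower()))
    return [s for s in SIGNATURES if s in tokens]


def clean(command_line, matcher):
    """Keep the shortcut but strip its arguments when the matcher flags it."""
    target, _ = split_command(command_line)
    return f'"{target}"' if matcher(command_line) else command_line


if __name__ == "__main__":
    for name, cmd in (("legit", LEGIT), ("hijacked", HIJACKED)):
        print(name, "naive:", naive_hits(cmd), "token:", token_hits(cmd))
        print("  cleaned (token rule):", clean(cmd, token_hits))
```

With the substring rule the TeraByte shortcut loses its inistart.tbs argument; with the token rule it is left untouched while the constructed hijacked shortcut is still cleaned.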