Re: False Positive v7?

Interesting development. Thanks for the logs; as expected, they are clean. Successful removal could indicate that Adwcleaner stopped the threat further or was a false positive. Honestly, everything related to Yahoo is a massive security hole for me, and I would avoid it as much as possible.

Upon further investigation, this looks like malware's registry file that wasn't removed correctly, but t...

Re: False Positive v7?

Can you post the full logs? Also, try downloading the newest beta version of Adwcleaner and see if that helps you out. In addition to that, try doing the scans in Windows "Safe mode with networking", and add Hitman Pro to your program list. That way you can be certain that the threats are removed. In theory, it should work.

Re: PUP.Legacy.Optional

Hi,

Don't panic, this is a classic "aggressive (scam) advertising" and a (real) false 'Zeus' alert! No Zeus virus is present on your computer!

https://www.bleepingcomputer.com/virus-removal/remove-zeus-virus-detected-popups

https://blog.malwarebytes.com/threat-analysis/2017/06/the-numeric-tech-support-scam-campaign/

I've not yet seen MalwareBytes, ADWCleaner, HitmanPro, uBlock, adblock, a...

PUP.Legacy.Optional

Hello,

Windows 10, Chrome -- a month ago I got a malware popup when on TuneIn radio. Along with the following popup, a voice came on and said "your pc is infected with Malware, do not ignore this", etc.:

** Zeus Virus Detected  - Your Computer Has Been Blocked **

Error: Trojan Backdoor Hijack #365838d7f8a4fa5

---------------------------------------------------------------------

After running adwcl...

Re: My First Post: Are These Internet Explorer\ActiveX Compatibility Entries False Positives

ActiveX detections are usually FPs. Try doing an additional scan with Malwarebytes to confirm that. But I am fairly certain that these should not be detected. According to the internet and research that I did, ActiveX sets guidelines for processes; it can be exploited to some degree, but Adwcleaner would have removed them if found.

Re: extension .no_more_ransom

Future here! Hopefully, you will be able to understand this in English. Decided to surf some older posts and add some information to what we now know. Two vendors currently have a decryptor for it as part of the "No More Ransom" project (not related to this extension; this extension is just mocking). You can find Kaspersky's and McAfee's versions respectively. Additionally, you can read more abo...

Re: More false positives

You know that, I know that, but a school student does not. As a service desk manager I have been promoting Adwcleaner for years at our schools, but now it's causing confusion among colleagues and other clients when Adwcleaner is stating that there might be a problem or maybe something is a PUP while there isn't anything wrong. I understand there's a behavior pattern which puts it in a category for ma...

Re: Jaff virus?

Use Data Recovery Pro or Rakhni decryptor to restore the files encrypted by the Jaff ransomware. Data Recovery Pro is an automatic tool that can do this work for you. You can get it or the Rakhni decryptor designed by Kaspersky Lab by clicking here: http://www.2-spyware.com/remove-jaff-ransomware-virus.html

Don't forget to run an additional scan of your syst...

Re: Start\Windows icon

Have you noticed anything else weird/out of the ordinary on your PC? Can you try booting into Windows "Safe mode with networking" and see if you can do any of the actions through that? Otherwise, I would recommend doing a thorough malware check just in case.

Full and thorough malware check:

1. Restart your PC in “Safe mode with networking.”
2. Install and run RKill to kill malicious processes...

Re: False positives?

Since a PUP is potentially unwanted software, it might not be an infection, just some rogue application running or installed on your PC. Do a thorough scan with Malwarebytes and see if it helps to deal with the issue. Also, you can try searching for the folder manually, as the path is listed, and remove it that way. If you have issues, kill the process with the task manager and then remove it.