# AdwCleaner 7.0.1.0 - Logfile created on Fri Aug 04 17:28:24 2017 # Updated on 2017/05/08 by Malwarebytes # Database: 07-31-2017.1 # Running on Windows 7 Ultimate (X64) # Mode: scan # Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

PUP.Adware.Heuristic, C:\ProgramData\{057DC76A-EA02-4CB2-AD10-10F4D94320D6} PUP.Adware.Heuristic, C:\ProgramData\{12F523F1-6E54-43C6-B83C-7C0835674EEA} PUP.Adware.Heuristic, C:\ProgramData\{16E6DCE6-1916-4566-A3CF-31880CAA7C63} PUP.Adware.Heuristic, C:\ProgramData\{17096F5E-F808-4F7F-9134-A3DE8F7CD093} PUP.Adware.Heuristic, C:\ProgramData\{1EE2F726-1234-41B1-A064-86CD048C4BEB} PUP.Adware.Heuristic, C:\ProgramData\{20C7291D-0FE3-4567-86A5-795DA8DD43DC} PUP.Adware.Heuristic, C:\ProgramData\{29717DE6-69BF-4629-B743-C10C0EB6114F} PUP.Adware.Heuristic, C:\ProgramData\{2CD659BC-750F-4694-B214-40A0CE94308D} PUP.Adware.Heuristic, C:\ProgramData\{3F0C2AC3-0702-4760-AFC1-157546C32EC1} PUP.Adware.Heuristic, C:\ProgramData\{3FD630E4-094C-41D8-8276-77FA452C358F} PUP.Adware.Heuristic, C:\ProgramData\{430A0B07-D438-424B-9F6E-584D5E6A0432} PUP.Adware.Heuristic, C:\ProgramData\{5308BF3B-B4EF-47BE-A637-CB011D7BE147} PUP.Adware.Heuristic, C:\ProgramData\{54AE0613-D8D9-4046-942B-60ED1FEC3F31} PUP.Adware.Heuristic, C:\ProgramData\{55AEE408-DC39-477F-B7A7-07C6498E734D} PUP.Adware.Heuristic, C:\ProgramData\{56C5D4F0-9E6D-421F-AA70-A7EF727C1C69} PUP.Adware.Heuristic, C:\ProgramData\{57623A97-E2F4-49B2-86D7-FA0915C77BED} PUP.Adware.Heuristic, C:\ProgramData\{58B2F4DF-E3A1-4F34-8BA3-9CEEC89A8091} PUP.Adware.Heuristic, C:\ProgramData\{5D37AF22-489A-46B2-9972-806CEC1EDFE2} PUP.Adware.Heuristic, C:\ProgramData\{6313F045-9452-45D7-9E64-3FA552AEFDD5} PUP.Adware.Heuristic, C:\ProgramData\{6495CC1D-C10B-40C5-A92B-241A2B2C8D20} PUP.Adware.Heuristic, C:\ProgramData\{73631698-31A0-419C-B151-F478AEBC136A} PUP.Adware.Heuristic, C:\ProgramData\{74EA5672-8925-4E7F-9E71-71DBC56A48B1} PUP.Adware.Heuristic, C:\ProgramData\{81B3FE58-8826-44EC-8271-083D201CEA19} PUP.Adware.Heuristic, C:\ProgramData\{81FF46FD-55BF-4932-A9A8-86FF2C15E0ED} PUP.Adware.Heuristic, C:\ProgramData\{86A4FE2A-247F-42EF-9C3E-C2551D2529B5} PUP.Adware.Heuristic, C:\ProgramData\{87121BB5-14B4-4E85-844F-95C7006512A3} PUP.Adware.Heuristic, C:\ProgramData\{87AEDB84-EF6C-4240-A009-B8FA027D1315} PUP.Adware.Heuristic, C:\ProgramData\{8DB01EBA-372E-4223-9BC2-5FA5C1D27D2D} PUP.Adware.Heuristic, C:\ProgramData\{90D8CE90-3E6B-4034-A281-BC9F19B60A5B} PUP.Adware.Heuristic, C:\ProgramData\{93EAA4DB-27EC-4331-A128-E3891121AA47} PUP.Adware.Heuristic, C:\ProgramData\{992D615F-F386-4F33-BBB7-37B6DAD18413} PUP.Adware.Heuristic, C:\ProgramData\{9C588B44-42B6-434D-90BD-824BBB1F328A} PUP.Adware.Heuristic, C:\ProgramData\{AC8F26C0-3B02-4AF3-9273-FBA6B76AB966} PUP.Adware.Heuristic, C:\ProgramData\{AFA24FF5-F0B4-4241-A143-5DE48A9AC837} PUP.Adware.Heuristic, C:\ProgramData\{B30E15D4-C78A-49C1-8297-800AE0224436} PUP.Adware.Heuristic, C:\ProgramData\{B49C92CB-1A73-4A41-A84C-5091582E7AA8} PUP.Adware.Heuristic, C:\ProgramData\{BA25B0F7-58EF-430F-98CB-6B931F98B069} PUP.Adware.Heuristic, C:\ProgramData\{BB5EBCFA-1B53-4EBA-A708-1AC15B03E2AB} PUP.Adware.Heuristic, C:\ProgramData\{C0AE4A98-3E1D-45FB-8465-ECCCB391E633} PUP.Adware.Heuristic, C:\ProgramData\{C7E9FBB1-9CB7-4917-9D0E-7C333B122B2B} PUP.Adware.Heuristic, C:\ProgramData\{CFDD872E-E643-48CF-82E8-8889713D990D} PUP.Adware.Heuristic, C:\ProgramData\{D0BC3603-5231-4F20-AE65-3893AB30CA7B} PUP.Adware.Heuristic, C:\ProgramData\{D5C8A2CD-1C9D-473B-82F1-41040535BC92} PUP.Adware.Heuristic, C:\ProgramData\{D86BF3D8-71D0-4786-899A-110C48EC34EA} PUP.Adware.Heuristic, C:\ProgramData\{DA31E3B5-AD7E-4759-A162-75CF964B70AC} PUP.Adware.Heuristic, C:\ProgramData\{E3946D55-17E5-4835-88DE-C4030F818EA2} PUP.Adware.Heuristic, C:\ProgramData\{E70386C6-507F-4906-86C2-96C1066BA097} PUP.Adware.Heuristic, C:\ProgramData\{EB48B20D-290B-4639-B2DC-3530B250BA92} PUP.Adware.Heuristic, C:\ProgramData\{F1BD1DB3-F88E-4A13-A4B4-090CFEE6A6A3} PUP.Adware.Heuristic, C:\ProgramData\{F5271FB0-B5A4-420D-90D3-FF2900A84AA7} PUP.Adware.Heuristic, C:\ProgramData\{F57C376F-E7ED-4527-9EE2-4D50799418BC} PUP.Adware.Heuristic, C:\ProgramData\{F828BFD7-781D-4BD3-AD6C-71D19DC23493} PUP.Adware.Heuristic, C:\ProgramData\{FD1615C0-ED4A-4CEB-94C3-1850BF1BAA6A}

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{B9507101-E464-4B3B-A4CB-291AAEDD94F2} PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{2316C625-B487-4410-A1A5-FF040B65245F} PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{D77AA852-DEF3-43CB-A3F5-BD679DE72F32} PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{F66C7EC4-63CC-4452-A8C9-5A2E898F8EFF} PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{F8698E62-9284-432A-9C62-C1293A2B1DD3} PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{9522B3FB-7A2B-4646-8AF6-36E7F593073C}

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries.

*************************

None of the above are a threat guys. Also if I try to remove these AdwCleaner crashes.

Besides that the PUP legacy detections are immunization entries from other programs

also the PUP Heuristics detections are related to legitimate entries installed by trust worthy programs I have on my machine

in no way are they a threat or related to any sort of adware. I have gone through every folder to double check this too.

Cheers.

Re: More false positives

Hello,

Those are partially fixed since yesterday beta, and will be fully fixed in tonight beta.

Sorry for the issue.

Best regards,

Re: More false positives

Hello, never experienced problems with ADWcleaner, what happend since you are Malwarebytes? New CEO? The beta version tells me: PUP.Optional.DriverBooster But i have bought this registered program and installed for years and is not a PUP. Maybe  for someone but nut for me. iTunes for me is a PUP but i need it for my bloody iPad.  

Re: More false positives

False positives can happen from time to time, nothing new there. If the application is interacting at a system level and is not known, it will flag that it as a potential issue. AdwCleaner getting bought by Malwarebytes did nothing but good, so I am not sure. You can report the file or software that is causing the pop-up.

Re: More false positives

Hello,

The beta version tells me: PUP.Optional.DriverBooster


snabbeltax, 2017-08-07 10:15:05 (UTC)

Can you share a logfile showing this?

Re: More false positives

These are still detected, they're actually related to a music application too called MASCHINE by Native Instruments and pose no threat,

where as the registry detections are immunization entries created by either Spybot S&D or SpywareBlaster. Checked this several times over.

Would it be better to use the beta for now then ?

Re: More false positives

Try using the beta, see if that elevate the false positives. However, if your software is obtained in illegitimate ways (I know music software can get quite expensive), it might have some form of virus or malware attached to it. You can never discount the possibility.

Re: More false positives

Cheeky monkey :P I paid for this thanks lol.

Yes you're right :) Better to save up and buy! best way.

The beta doesn't show the false positives any more

the only thing it shows now are the immunization entries

and they are

PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{B9507101-E464-4B3B-A4CB-291AAEDD94F2} PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{2316C625-B487-4410-A1A5-FF040B65245F} PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{D77AA852-DEF3-43CB-A3F5-BD679DE72F32} PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{F66C7EC4-63CC-4452-A8C9-5A2E898F8EFF} PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{F8698E62-9284-432A-9C62-C1293A2B1DD3} PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{9522B3FB-7A2B-4646-8AF6-36E7F593073C}

Cheers! have a good day.

 

 

Re: More false positives

Hello,

Can you share the whole logfile please? (including the header)

Thanks,

Re: More false positives

Hello. Sure.

# AdwCleaner 7.0.2.0 - Logfile created on Wed Aug 23 17:39:18 2017 # Updated on 2017/29/08 by Malwarebytes # Database: 08-22-2017.2 # Running on Windows 7 Ultimate (X64) # Mode: scan # Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{B9507101-E464-4B3B-A4CB-291AAEDD94F2} PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{2316C625-B487-4410-A1A5-FF040B65245F} PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{D77AA852-DEF3-43CB-A3F5-BD679DE72F32} PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{F66C7EC4-63CC-4452-A8C9-5A2E898F8EFF} PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{F8698E62-9284-432A-9C62-C1293A2B1DD3} PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{9522B3FB-7A2B-4646-8AF6-36E7F593073C}

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries.

*************************

Re: More false positives

Hello,

The beta version tells me: PUP.Optional.DriverBooster


snabbeltax, 2017-08-07 10:15:05 (UTC)

Can you share a logfile showing this?


fr33tux, 2017-08-23 00:30:14 (UTC)

# AdwCleaner 7.0.2.0 - Logfile created on Mon Aug 07 10:03:39 2017 # Updated on 2017/29/08 by Malwarebytes  # Database: 08-06-2017.2 # Running on Windows 10 Pro (X64) # Mode: scan # Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

PUP.Optional.DriverBooster, C:\Users\Henk\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Driver Booster.lnk

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{9522B3FB-7A2B-4646-8AF6-36E7F593073C}

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries.

***** [ Chromium (and derivatives) ] *****

Plugin found: MapsGalaxy - 

/!\ Please Reset the Chrome Synchronization before cleaning the Chrome Preferences: https://support.google.com/chrome/answer/3097271 

*************************

C:/AdwCleaner/AdwCleaner[C10].txt - [2737 B] - [2017/2/20 14:46:36] C:/AdwCleaner/AdwCleaner[C11].txt - [3227 B] - [2017/3/20 11:30:28] C:/AdwCleaner/AdwCleaner[C12].txt - [2945 B] - [2017/5/20 14:40:23] C:/AdwCleaner/AdwCleaner[C1].txt - [4305 B] - [2015/11/23 11:42:58] C:/AdwCleaner/AdwCleaner[C2].txt - [1447 B] - [2015/12/2 15:1:8] C:/AdwCleaner/AdwCleaner[C3].txt - [1954 B] - [2015/12/25 11:10:55] C:/AdwCleaner/AdwCleaner[C4].txt - [9841 B] - [2016/9/23 8:12:57] C:/AdwCleaner/AdwCleaner[C5].txt - [6859 B] - [2016/9/29 9:8:47] C:/AdwCleaner/AdwCleaner[C6].txt - [6001 B] - [2016/10/11 8:24:43] C:/AdwCleaner/AdwCleaner[C7].txt - [6711 B] - [2016/10/29 12:0:7] C:/AdwCleaner/AdwCleaner[C8].txt - [5175 B] - [2016/11/6 11:23:8] C:/AdwCleaner/AdwCleaner[C9].txt - [10616 B] - [2017/2/7 16:49:36] C:/AdwCleaner/AdwCleaner[S10].txt - [5281 B] - [2016/11/6 11:18:29] C:/AdwCleaner/AdwCleaner[S11].txt - [10390 B] - [2017/2/7 16:46:52] C:/AdwCleaner/AdwCleaner[S12].txt - [2907 B] - [2017/2/20 14:31:7] C:/AdwCleaner/AdwCleaner[S13].txt - [3285 B] - [2017/3/20 11:29:40] C:/AdwCleaner/AdwCleaner[S14].txt - [3141 B] - [2017/5/20 14:39:4] C:/AdwCleaner/AdwCleaner[S1].txt - [4048 B] - [2015/11/23 11:41:35] C:/AdwCleaner/AdwCleaner[S2].txt - [1298 B] - [2015/12/2 14:59:41] C:/AdwCleaner/AdwCleaner[S3].txt - [1775 B] - [2015/12/25 11:8:53] C:/AdwCleaner/AdwCleaner[S4].txt - [12030 B] - [2016/9/23 8:11:15] C:/AdwCleaner/AdwCleaner[S5].txt - [9269 B] - [2016/9/29 9:7:58] C:/AdwCleaner/AdwCleaner[S6].txt - [3266 B] - [2016/10/8 10:14:17] C:/AdwCleaner/AdwCleaner[S7].txt - [8234 B] - [2016/10/11 8:22:23] C:/AdwCleaner/AdwCleaner[S8].txt - [6217 B] - [2016/10/29 11:47:5] C:/AdwCleaner/AdwCleaner[S9].txt - [6290 B] - [2016/10/29 11:48:52]

########## EOF - C:\AdwCleaner\AdwCleaner[S14].txt ##########

Re: More false positives

Yesterday the Windows 10 machine from my wife was scanned by 7.0.1.0 and referred Zylom games and TryMedia as suspicious. Removal of it all led to no gaming anymore because these files (and dirs) are apearently necessary to run and check validation of the Zylom Games. Such a shame because a noob does not understand that.  

# AdwCleaner 7.0.1.0 - Logfile created on Mon Aug 21 19:08:44 2017 # Updated on 2017/05/08 by Malwarebytes  # Database: 08-17-2017.2 # Running on Windows 10 Home (X64) # Mode: scan # Support: https://www.malwarebytes.com/support

***** [ Services ] *****

PUP.Adware.Heuristic, syncagentsrv ***** [ Folders ] *****

PUP.Optional.Legacy, C:\ProgramData\Trymedia PUP.Optional.Legacy, C:\ProgramData\Application Data\Trymedia PUP.Optional.Legacy, C:\Users\All Users\Trymedia PUP.Adware.Heuristic, C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7 ***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

Adware.TryMedia, [Key] - HKLM\SOFTWARE\Trymedia Systems Adware.Wajam, [Key] - HKLM\SOFTWARE\WInterEn ***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries.

***** [ Chromium (and derivatives) ] *****

Plugin found: MapsGalaxy - 

/!\ Please Reset the Chrome Synchronization before cleaning the Chrome Preferences: https://support.google.com/chrome/answer/3097271  *************************

C:/AdwCleaner/AdwCleaner[C0].txt - [4083 B] - [2017/8/10 18:35:18] C:/AdwCleaner/AdwCleaner[S0].txt - [1063 B] - [2015/1/29 19:53:46] C:/AdwCleaner/AdwCleaner[S1].txt - [4360 B] - [2017/8/10 18:33:16]

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt ##########

Re: More false positives

Hello,

These detections are not FPs - please refer to this page to ask for changes.

Best regards,

Re: More false positives

You know that, i know that, but a schoolstudent does not. As a servicedeskmanager i have been promoting adwcleaner for years on our schools but now it's causing confusion among collegues and other cliënts when adwcleaner is stating that there might be a problem or maybe something is a PUP while there isnt anything wrong. I understand there's a behavior pattern wich puts it in a categorie for malware scanners labelled a "be carefull" or a "maybe" but thats not what we want do we? The fact that TryMedia is labelled as PUP gives me a reason to remove all instances related to this. It turns out this is a importan part of Zylom games. For instance: the removal of the regkey and all the folders of TryMedia resulted in a not-working Zylom game and we had to reinstall or buy again. Luckily for my wife i just restored the folders from the recycle bin and the game was executed again. This is a small example where things can go wrong but in the situation where i am in my recording studio and use many VST's with Cubase or Native Instruments(like member whatisit stated above here) to produce music for groups and artists i don't want these suggestions from Adwcleaner. I hope you understand that not everybody is an expert in IT of heuristic behavior patterns and things should be carefully examined before flagging an entry in the rootkit or elsewere in regkey's. kind regards, Henk Scheerooren