Hello,

AdwCleaner found folder C:\Ap and removed the folder and everything underneath it.  It's a foldershare for one of our customer servers.  Not sure why it would be detected as malware?

# AdwCleaner v5.027 - Logfile created 30/12/2015 at 17:52:56
# Updated 30/12/2015 by Xplode
# Database : 2015-12-30.1 [Server]
# Operating system : Microsoft Windows Server 2003 Service Pack 2 (x86)
# Username : dstanton - SERVER
# Running from : \\server\ap\Level2\maintenance\adwcleaner_5.027.exe
# Option : Scan
# Support : http://toolslib.net/forum

***** [ Services ] *****

***** [ Folders ] *****

Folder Found : C:\Ap
Folder Found : C:\Documents and Settings\gilles\Application Data\download Manager
Folder Found : C:\WINDOWS\system32\NetMon

***** [ Files ] *****

***** [ DLL ] *****

***** [ Shortcuts ] *****

***** [ Scheduled tasks ] *****

***** [ Registry ] *****

Key Found : HKLM\SOFTWARE\Classes\S Key Found : HKLM\SOFTWARE\Description

***** [ Web browsers ] *****

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [828 bytes] ##########

 

Re: False Positive - C:\Ap

Hello,

FP has been removed from the database.

Regards,

Re: False Positive - C:\Ap

FP = False positive .. :-) I removed "Ap" from the database as it was a FP.

Re: False Positive - C:\Ap

Ah! :)  How can I delete the original quarantine files.  I no longer have access, and I restored via copy and paste then renamed the .vir extension via batch.  Now I no longer have access to the original quarantine directory to delete it.

Re: False Positive - C:\Ap

Hello,

Ah! :)  How can I delete the original quarantine files.  I no longer have access, and I restored via copy and paste then renamed the .vir extension via batch.  Now I no longer have access to the original quarantine directory to delete it.


level2, 2016-01-05 00:36:28 (UTC)

You should use the quarantine manager instead. Please refer to the documentation to see how to use it.

Regards,

Re: False Positive - C:\Ap

Quarantine manager froze and was very slow.  I uninstalled per instructions on other thread.  Still no access to the directory.

Re: False Positive - C:\Ap

Hello,

Uninstalling AdwCleaner also remove the Quarantine folder, so you won't be able to access it then.

Regards,