Re: IT SEEMS TO BE ADW CLEANER DETECTED WRONG REGISTRY KEYS

dans AdwCleaner par bibuot

Hi

Yes, me... I deleted them after response of fr33tux

---> no any error anywhere after.... seems not to be "false positive" but really a Troyan adware

 

 

Re: False Postiive Registry entries

I'm having it today too. Found 26 things that it didn't find before.

False Positive 26 new MS related CLSID enties on a few different PCs all of a sudden.

IMO FALSE POSITIVES:

 

PCs also scanned and clean with:  Avira, Malwarebytes Anti Malware, Roguekiller, Hitman Pro, Emsisoft Emergency Kit Scanner.  Also all have MB Anti Exploit.  Standard BleepingComputer arsenal..

 

This is NOT ProxyGate!  Never used it on any PC.

These entries are shown to relate to MS software controls..  I scanned the registry to verify all of these.  MS Toolbar Cont...

Re: False Postiive Registry entries

IMO FALSE POSITIVES:

 

This is NOT ProxyGate!  Never used it on any PC.

These entries are shown to relate to MS Acive X/Software controls..  I scanned the registry to verify all of these.  MS Toolbar Control 6.0, etc just as posted above.  All CLSID references relate to these controls.

I use adwcleaner regularly and today all of a sudden all 5 of the office PCs have these same 26 registry e...

Re: False Postiive Registry entries

dans AdwCleaner par gamefan

I have to agree with Ronny. These all seem like legit entries. I never had proxy gate on my system and my other scans come up clean.

 

Another user encounterrd the same problem

 

https://toolslib.net/forum/viewthread/9452-it-seems-be-adw-cleaner-detected-wrong-registry-keys/

Re: IT SEEMS TO BE ADW CLEANER DETECTED WRONG REGISTRY KEYS

dans AdwCleaner par fr33tux

Hello,

Can you share the whole logfile please?

Thanks,

IT SEEMS TO BE ADW CLEANER DETECTED WRONG REGISTRY KEYS

DEAR ALL 

I FOUND SOME REGISTRY KEY USEFUL UPON SEARCH ON INTERNET, LIKE 

HKLM\SOFTWARE\Classes\CLSID\{1EFB6596-857C-11D1-B16A-00C0F0283628} ADW CLEANER HAS DETECTED THIS AS A THREAT, THE DETECTED THREATS ARE LISTED BELOW

-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{1EFB6596-857C-11D1-B16A-00C0F0283628} [-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{DD9DA666-8594-11D1-B16A-00C0F0283628} [-] ...

Re: False Postiive Registry entries

dans AdwCleaner par Ronny

I would object to that, I'm 100% sure I don't have ProxyGate.

This is some of the matches that have Legit names in their descriptions, and the last changed date is the date that I installed my machine.

So it seems colleteral damage from the ProxyGate detection, I would not remove these keys!

 

HKCR\Wow6432Node\CLSID\{1EFB6596-857C-11D1-B16A-00C0F0283628} REG_SZ    Microsoft TabStrip Control...

Re: False Postiive Registry entries

Greetings,

These registry keys are related to ProxyGate, qualified as Adware/PUP. You can remove them.

Regards.