Just downloaded to update my version, but can't run it because Norton antivirus detects a thread and deletes it immediately. The threat is identified as 'Suspicious.Cloud.7.EP'.
Not sure if this is a false positive, but don't want to take a chance on it. Please verify the software, clean it if necessary and update the download link (or post a note). Txs.
OK! Issue solved! I had knowingly installed the iSafe Key-logger on that computer. This is supposedly invisible to cleaners and registry. AdwCleaner removed the invisible iSafe folder but not its registry entries. That caused instability in the system, probably related to the specificity of the key-loggers. Restoring the iSafe folder from within the AdwCleaner Quarantine Manager solved the issue. No need to do anything in the registry. I hope this helps!
@Me1: I have read that YTD YouTube Downloader's installer is nowadays bundled with adware, so that might be the reason. If that's the case that detection would be weird since JDownloader has the same features + a lot of other features, its installer is bundled with adware as well (at least three different kinds) and it isn't falsely detected.
If I remember correctly Hotspot Shield was bundled with adware as well back when I used it years ago.
False positives (it's a legitimate VPN extension):
C:\Users\User\AppData\Local\Hola
HKLM\SOFTWARE\Google\Chrome\Extensions\ncffjdbbodifgldkcbhmiiljfcbgjag
If I remember correctly there's also a false positive for the Hola Unblocker Firefox add-on. However, the Firefox add-on stopped working for me - possibly due to AdwCleaner cleaning away files needed for it to work - and re-installing it doesn't help, so I can't submit a report for that add-on. The add-on can be installed from here if anyone wants to have a look at it: http://hola.org/
The following entries are false positives:
C:\Documents and Settings\User\Application Data\ProgSense (included with some software to look for updates - nothing malicious or deceiving)
C:\Documents and Settings\User\Application Data\Simple Adblock (adblocker now known as Adblock Plus knowingly installed by user for Internet Explorer)
C:\Documents and Settings\User\Local Settings\Application Data\Hola (knowingly installed by user)
HKCU\Software\ProgSense (included with some software to look for updates - nothing malicious or deceiving)
HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762} (belongs to ZoomBrowser EX, a Canon camera utility)
The following are proxy settings knowingly added by user:
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyEnable] - 1
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - *.local
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyServer] - socks=localhost:1234
Thanks in advance for correcting the issue.
New version of Adwcleaner (4.1.10) is being recognized as false positive by Avast Antivirus! Win32: Evo-gen [Susp]
bonjour meme avec la version 4.110 il y a toujours un faux positif pour le logiciel IDM (Internet Download Manager http://www.internetdownloadmanager.com/download.html ) si on supprime les clé de registre affichés cela demande ensuite de reinstaller IDM et on a toujours ce faux positif Rapport pour IDM:
Clé Trouvée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0055C089-8582-441B-A0BF-17B458C2A3A8}
Clé Trouvée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0055C089-8582-441B-A0BF-17B458C2A3A8}
Clé Trouvée : HKLM\SOFTWARE\Classes\CLSID\{0055C089-8582-441B-A0BF-17B458C2A3A8}
Clé Trouvée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0055C089-8582-441B-A0BF-17B458C2A3A8}
Clé Trouvée : [x64] HKLM\SOFTWARE\Classes\CLSID\{0055C089-8582-441B-A0BF-17B458C2A3A8}
Clé Trouvée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0055C089-8582-441B-A0BF-17B458C2A3A8}
egalement faux positif pour les logiciel Lastpass https://lastpass.com/misc_download2.php et faux positif pour le logiciel Driver Genius http://www.driver-soft.com/
@cocochepeau Hi, As, after AdwCleaner requested to restart the computer after scan and clean, I was not able to log in anymore into the standard account from where I ran AdwCleaner, Therefore I didn't get the report, but I guess it should still be somewhere on my computer. I ran again AdwCleaner but with starting the scan, just to see if it sees the report, but the Report button is grayed out. I downloaded several versions of AdwCleaner, so I may not ran the same version. I don't know if that matters. On the other hand, if I press uninstall (without actually starting the uninstall) I see the files from the quarantine, but not the changes made to the registry. For the files you may take a look at: http://1drv.ms/16uCsum
@livanel Can you send me a link of the scan/deletion report ?
@rodbom extension named?
nevermind, already solve the problem, it was an extension of google chrome -.-