Jump to content

ColdlyIndifferent

Members
  • Content Count

    12
  • Joined

  • Last visited

About ColdlyIndifferent

  • Rank
    New Member

Recent Profile Visitors

378 profile views
  1. I discovered what the 'problem' was - not the UAC settings. If you do a Adwcleaner scan then immediately go to Settings > Exclusions to add the exclusions before doing anything else ie. Skip or Clean, the buttons are disabled. I made the assumption this was because I was not being allowed to add the exclusions as I did not have the correct permissions. Changing the compatibility setting to run as admin seemed to confirm that. But what I was actually doing was just relaunching Adwcleaner and that was all that is necessary to get the Exclusions buttons to function. Adwcleaner simply disables those Exclusions options after a scan, presumably for security reasons so no settings changes can be made before the notified threat from a scan has been addressed one way or the other. Anyway that is sorted now and the advice to add the exclusions directly via the right mouse click context menu, which I had not thought to try, does work and scans now report 'No Problems'. I guess you were correct about it being being a value data issue not the key itself. Good call. But is it not a bit strange that you can add exclusions via the context menu immediately after a scan but not do the same via the Settings > Exclusion screen.
  2. As a follow up to this, although unnecessary as those Adwcleaner designated "threats" reappear every time Spybot definitions are updated, I decided to add them to the exclusions list. The problem I'm having now is that despite the paths being (laboriously0 individually copied direct from the Adwcleaner scan log and added to the Exclusions list those exclusions are being ignored and with each new scan they being reported again. I've checked and the exclusions are all there and exactly the same paths so why are those locations still being reported? Annoyingly I discovered you can't just add them in the default mode either you have to launch Adwcleaner in admin mode (right click > Properties > Compatibility > and tick: always run as administrator) for the Add Exclusions button and other options to become available. Also I'm not sure what, for the particular files listed in my original post, I should be using as the Exclusion Type. 'Family' being set as default I don't understand - I just wanted those very particular paths excluded but whatever I use it seems it is being ignored. I'm probably writing them in the wrong way or something like that so if someone can explain it would b appreciated.
  3. Thanks for the reply/information. I guessed the registry key value 4 meant the domain was one of those on the restricted list, useful to have that confirmed.
  4. I've used an old version of Spybot for years as a low level additional protection as it has a very small profile/low resource use and doesn't interfere with anything very much. I've run scans with AdwCleaner in the past and its has never had a problem but at some point, I think fairly recently, it has been reporting the following on my PC:- PUP.Optional.Legacy HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\dospop.com PUP.Optional.Legacy HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\incredibar.com PUP.Optional.Legacy HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\dospop.com PUP.Optional.Legacy HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\incredibar.com PUP.Optional.Legacy HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\dospop.com PUP.Optional.Legacy HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\incredibar.com First time it happened, like a good boy, I allowed AdwCleaner to clean and restart. All gone, all good............but a couple of weeks later I ran the scan again and they're all back. This kept on happening and then I eventually noticed something - every time after I'd used AdwCleaner and then later updated Spybot definitions and applied what it calls browser immunisation it showed 6 items as unprotected. It took some time to click even then but when it did and I did a bit of research I found "Zonemap" is used by browsers IE in particular as the designated registry location for restricted and trusted web sites. Spybot adds its own definitions to this list and those six items AdwCleaner is deleting as PUPs are apparently from Zonemap's list of restricted domains. Identifying what is trusted and what is restricted from the Zonemap lists is not clear (anyone here know?) but the registry entries for the IE trusted sites are slightly different from the bulk of the others I've looked at. I am pretty sure those six are restricted domains. It would appear AdwCleaner is actually removing protection from my system by deleting these entries. Obviously I can add them to an exclusion list from now on but I thought it worth mentioning this matter here now I've discovered what they are and why they keep reappearing. The restricted domains shown in Zonemap are very numerous, there are hundreds of them covering everything dodgy from gambling web sites to HC porn so the question that also has to asked is why are only those six considered PUPs?
  5. I'm was getting this with WinXP running on a VM both timedate.cpl and an associated cache.dll causing me to do a full system scan as the supposed trojan sounded extra nasty. So time wasted worrying and doing that not appreciated. However I can also confirm the later update in the day: v2019.05.25.06 appears to have fixed the problem. Thanks for that. Was this a WinXP 32bit only thing? I ask because I updated my host 64bit OS's Malwarebytes definitions at the same time and did my at least weekly quick scan at the same time and it did not flag up the same file(s) either from outside scanning the VM XP installation or indeed its own timedate.cpl files, present in both the System32 and SysWOW64 folders. The file concerned appears to be the OS clock so how on earth did that rather important system file end up getting identified as a trojan anyway?
  6. I've just updated to v7.2.2 and suddenly from a system free of threats had a nasty 'surprise' and found it reporting almost 200 very similar entries (all just as others have described) have now been flagged as PUPs etc. I went back and tried v7.2.0 and that reports my system is free of threats. Clearly some issue with the new version but what? So I come here and find it is a problem between the new AdwCleaner version and Spybot, which I have used for years quietly, in the background without problems. Mind put at rest for the time being. IMHO it is pretty pointless adding these to AdwCleaner exclusions unless you desperately want to use the new version for some reason. It is has a fault, it shouldn't be doing this, previous versions certainly didn't and TBH I'm not really concerned about why just that it is fixed as soon as conveniently possible, please. That other (helpful) thread is from a month ago so this conflict has been known for some time. Until then going back to the previous version must be the more sensible reaction.
  7. Thanks for the very quick response and fix. Appreciated.
  8. Yesterday I ran an AdwCleaner v7.0.8.0 scan as I do once a week and it informed me, as it so often does, before starting the scan that there is a new version available. I didn't bother at that time, went ahead with the scan and as usual it showed no problems. Today less than 12hrs later I do update to the newer version, run a scan and it flags up two 'problems':- PUP.Multiplug.Heuristic C:\ProgramData\AUDYSSEY LABS PUP.Optional.InfoG HKLM\Software\Classes\INETCTLS.INET Re-ran the scan using v7.0.8.0 and that again shows my system is all clear. Now call me overly suspicious but if the definitions for such PUP and other unwanted stuff is being downloaded from the same data base each time you use AdwCleaner why is there this anomaly? I don't like the fact that such a tool as AdwCleaner doesn't give you the opportunity to check/research the flagged items without opting not to clean and having to go to the logs to find out exactly where these supposed nasties are located. When something like this happens what it suggests is that either the older AdwCleaner has missed the problem or the newer one is over-sensitive and has flagged up some false positives. Either way it doesn't inspire confidence in the tool does it? I'm particularly concerned about the Audyssey Labs one as all there is in that folder (hidden/system files set to display) are two files ApoHeadphoneTuning.Audy" and "ApoSpeakerTuning.Audy which I'm pretty sure are meant to be there as part of my PC's audio tools. When I researched this I found that last year the same file(s), reported in this very forum, were also being flagged by AdwCleaner as PUPs and a fix was applied to stop this false positive repeating. I'd bet the same sort of thing applies to the PUP.Optional.InfoG HKLM\Software\Classes\INETCTLS.INET but I await advice on that. But until this is sorted I'm going back to using v7.0.8.0.
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.