Jump to content

possible A FP - need to look at it


Gt-truth

Recommended Posts

is this a FP or no (MALWAREBYTES has not detect anything) it only the Adwarecleaner

https://blog.malwarebytes.com/detections/pup-adware-heuristics/?x-source=adw&ADDITIONAL_x-source=adw

# -------------------------------
# Malwarebytes AdwCleaner 7.2.4.0
# -------------------------------
# Build:    09-25-2018
# Database: 2018-10-31.2 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start:    11-05-2018
# Duration: 00:00:38
# Scanned:  32026
# Detected: 1


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

PUP.Adware.Heuristic            HKLM\Software\Wow6432Node\808fc302-3d01-59ce-8094-e0443a55877e

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.


AdwCleaner[S00].txt - [1249 octets] - [16/10/2018 22:38:29]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S01].txt ##########

 

Link to post
Share on other sites

  • Staff

***This is an automated reply***

Hi,

Thanks for posting in the AdwCleaner Help forum.

Someone will reply shortly, but in the meantime here are a few resources which may help resolve your issue:

Thanks in advance for your patience.

-The Malwarebytes Forum Team

Link to post
Share on other sites

4 hours ago, Elisabeth said:

Hi!

Can you share the content of HKLM\Software\Wow6432Node\808fc302-3d01-59ce-8094-e0443a55877e registry key?

Thanks!

Hi @Elisabeth

how to do this ?

do I need to go to registry and search for this key or what ?

BTW : searching in the windows 10 registry is very slow and it take a bit quite time !

Edited by Gt-truth
Link to post
Share on other sites

Hi,

Sorry, I should've be more specific.To create a registry export of the key please do the following:

  • Click on Start and select Run or press the Windows Key+R on your keyboard
  • In the Run box type regedit and press Enter or click on OK and click Yes if prompted by User Account Control
  • Navigate to the following location by clicking the little arrows next to the appropriate folders to expand them: HKEY_LOCAL_MACHINE\Software\Wow6432Node\808fc302-3d01-59ce-8094-e0443a55877e
  • Once there, right-click on the 808fc302-3d01-59ce-8094-e0443a55877e folder and select Export and then save the file to your desktop or another location where you will be able to find it easily and give it a name such as ExportedKey
  • Locate the file and right-click on it and hover your mouse over Send to and select Compressed (zipped) folder
  • Attach the resulting ZIP folder you just created to your next reply. You can also PM me.

Thank you!

Link to post
Share on other sites

  • 4 weeks later...
On 11/7/2018 at 12:50 PM, Elisabeth said:

Hi,

So yes, it's a FP. It will be removed in the next version (7.2.5) that will be release very soon. Meanwhile, you can exclude it from the Scan Results panel (right click on the detection) or adding it as an exclusion in the Exclusions panel.

Thank you!

Hi @Elisabeth

thanks ! but I just have to download the latest version (7.2.5) and however , this isn’t fix the FP ! the latest version of the Adwcleaner is still catch the same FP !

# -------------------------------
# Malwarebytes AdwCleaner 7.2.5.0
# -------------------------------
# Build:    11-26-2018
# Database: 2018-11-26.1 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start:    11-30-2018
# Duration: 00:00:30
# Scanned:  32232
# Detected: 1


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

PUP.Adware.Heuristic            HKLM\Software\Wow6432Node\808fc302-3d01-59ce-8094-e0443a55877e

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.


AdwCleaner[S00].txt - [1249 octets] - [16/10/2018 22:38:29]
AdwCleaner[S01].txt - [1368 octets] - [05/11/2018 12:04:29]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S02].txt ##########

 

Edited by Gt-truth
Link to post
Share on other sites

Hi @Gt-truth,

I'm so sorry about this. I thought it could be fixed but this FP is in someway special and we can't remove it. We're actively working on rewamping the generic detections to add major improvements that include the ability for us to fix those issues in a more effective manner.

Please exclude it for now and I'll keep you posted asap.

Thanks

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.