Jump to content
Gt-truth

possible A FP - need to look at it

Recommended Posts

is this a FP or no (MALWAREBYTES has not detect anything) it only the Adwarecleaner

https://blog.malwarebytes.com/detections/pup-adware-heuristics/?x-source=adw&ADDITIONAL_x-source=adw

# -------------------------------
# Malwarebytes AdwCleaner 7.2.4.0
# -------------------------------
# Build:    09-25-2018
# Database: 2018-10-31.2 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start:    11-05-2018
# Duration: 00:00:38
# Scanned:  32026
# Detected: 1


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

PUP.Adware.Heuristic            HKLM\Software\Wow6432Node\808fc302-3d01-59ce-8094-e0443a55877e

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.


AdwCleaner[S00].txt - [1249 octets] - [16/10/2018 22:38:29]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S01].txt ##########

 

Share this post


Link to post
Share on other sites

***This is an automated reply***

Hi,

Thanks for posting in the AdwCleaner Help forum.

Someone will reply shortly, but in the meantime here are a few resources which may help resolve your issue:

Thanks in advance for your patience.

-The Malwarebytes Forum Team

Share this post


Link to post
Share on other sites

Hi!

Can you share the content of HKLM\Software\Wow6432Node\808fc302-3d01-59ce-8094-e0443a55877e registry key?

Thanks!

Share this post


Link to post
Share on other sites
4 hours ago, Elisabeth said:

Hi!

Can you share the content of HKLM\Software\Wow6432Node\808fc302-3d01-59ce-8094-e0443a55877e registry key?

Thanks!

Hi @Elisabeth

how to do this ?

do I need to go to registry and search for this key or what ?

BTW : searching in the windows 10 registry is very slow and it take a bit quite time !

Edited by Gt-truth

Share this post


Link to post
Share on other sites

Hi,

Sorry, I should've be more specific.To create a registry export of the key please do the following:

  • Click on Start and select Run or press the Windows Key+R on your keyboard
  • In the Run box type regedit and press Enter or click on OK and click Yes if prompted by User Account Control
  • Navigate to the following location by clicking the little arrows next to the appropriate folders to expand them: HKEY_LOCAL_MACHINE\Software\Wow6432Node\808fc302-3d01-59ce-8094-e0443a55877e
  • Once there, right-click on the 808fc302-3d01-59ce-8094-e0443a55877e folder and select Export and then save the file to your desktop or another location where you will be able to find it easily and give it a name such as ExportedKey
  • Locate the file and right-click on it and hover your mouse over Send to and select Compressed (zipped) folder
  • Attach the resulting ZIP folder you just created to your next reply. You can also PM me.

Thank you!

Share this post


Link to post
Share on other sites

Hi,

So yes, it's a FP. It will be removed in the next version (7.2.5) that will be release very soon. Meanwhile, you can exclude it from the Scan Results panel (right click on the detection) or adding it as an exclusion in the Exclusions panel.

Thank you!

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.

×

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.