[Virus false positive ? by update to version 6.06.10144]

@nukecad: thank you, it's important to know that it's not really a 'virus infection'. I'll try again tomorrow.

[Virus false positive ? by update to version 6.06.10144]

Kaspersky detected :

Event: Malicious object detected
Application: ccupdate606_free.exe
User: xxxxx
User type: Active user
Component: System Watcher
Result description: Detected
Type: Trojan
Name: PDM:Trojan.Win32.Generic
Threat level: High
Object type: Process
Object path: e:\program files\ccleaner\temp_ccupdate
Object name: ccupdate606_free.exe
Reason: Databases
Databases release date: Today, 16/11/2022 10:59:00

The program was totally removed by KIS, I reinstalled the old version 6.05.10110

I did not have that problem on Windows 11, only windows 10, strange ....

Please advise.

Thank you.

[[Hotfix Released] CCleaner wiping Chrome profile for some users]

Same things is happening to me !

[Kaspersky system changes control]

@Andavari : thanks for the link to the pdf, I saved it;

 

Under application control Piriform is and was under trusted applications.

The problem was with system changes and I had to allow CCleaner to make changes, like explained by mta, in order to have cookies etc. cleaned.

[Kaspersky system changes control]

All PC's have the same version of CC, KIS and windows.

 

So now I clicked to always allow CC on the PC in question !

 

Problem solved..... I hope.

 

Thanks.

[Kaspersky system changes control]

Thanks for your reply, it makes sense but ...... this is only happening since I updated CCleaner and on one computer only,

KIS 2016 is installed on all computers, OS Windows 7 Home Premium 64bit, with System Changes Control enabled.

[Kaspersky system changes control]

Hi,

Since I updated CCleaner to version 5.10.5273, every time I use the application  I get a warning from 

Kaspersky : "canceled change of google chrome settings by CCleaner"

The application was not allowed to change the browser configuration file.

 

I really wonder what it means and what can be done.

Do I have to worry about it ?

 

Thanks.

[Keep getting a popup window in lower right saying there is an update.]

Ok I'm wrong. I just got it too.

 

The developers read all threads but I'll make sure they are aware that the button shouldn't be there unless there's an update

 

 

Click to update1.jpg

Thank you !

[Keep getting a popup window in lower right saying there is an update.]

I have the same problem.

I suppose (hope) it's a bug, it occurs on all the computers !

[Virtualized folder]

When I do not want a folder I delete it, and if necessary BLOCK IT.

I block it by replacing it with a file that uses the same name and setting attributes +R +S +H

 

That seems to stop System Restore from monitoring my External USB2 Hard Drive NTFS partitions.

 

Alan

Great !

[Virtualized folder]

Disabling Protected Mode is not a good idea. Why don't you add the Virtualized folder to CCleaner's Exclude list ?

Maybe not, but the virtualized folder is just the thing that makes the computer slow down, and adding it NOT to be removed is probably not a good idea as well.

Mind you when the computer is restarted IE is back in "protected mode". For the moment I'll leave it on and surf with Google Chrome which is getting an update tomorrow (11 patches)and use alternatively IE and Chrome, according to the protection I need to have for a particular task, like downloads etc.

[Virtualized folder]

Hello,

In the meantime, the solution suggested by Blue Medicine works like a charm.

Leave UAC on and disable protected mode in IE8, no more virtualized folder.

To be safe I surf now with Safe Run from KIS.

Thank you all for your kind reactions.

[Virtualized folder]

Hello Aethec,

Finished the KIS scan and nothing was found.

Strange things happen to computers, but this is beyond my comprehension. That C\ folder seems not to reappear (deleted it) but nevertheless I'm sure it will be recreated soon enough. I cannot find it on the laptop either but I don't use this one extensively.

Thanks for your reply.

 

In the meantime I submited a HJT log in the forum of Blue Medicine, that will take some time to get a reply there, and .... that virtualized folder came back with a vengeance, almost an exact copy of the thumbnail cache and slowed down Internet Explorer again, deleted it. Drives me nuts.

UAC maybe for safety and clicking OK if I want or not open some file or program does not disturb me but filling the memory is.

[Virtualized folder]

The thing was : typing "on line" like now, it's like the text "had" a delay in showing up and with UAC disabled I never had that, it seems better now.

Maybe you're right about an infection, did a malwarebytes scan already and did not find anything.

I had no idea about that virtualized folder until yesterday CCleaner came up with such a huge file that I went looking for details. Surfed around this morning, disabled the 24 hours thing on CCleaner and so far it did not find any of that stuff again..so I suppose it's only generated in connection with a specific action, download or searching, don't know.

Also yesterday I tried to install the new version of HJT and got the warning that it could not be installed on a non-existing drive (probably that C file) today it went OK but have to run the app as administrator in order to get it working, did that but it says that HJT is already running, I suppose restarting the computer might solve that.

Every day the computer is scanned by mbam and KIS's quick scan and nothing was ever found.

I will perform a full scan now with KIS and wait for the result.

[Virtualized folder]

@Nergal

OK, I did disable it, I will reneable it but .... it slows down the computer so much and even when typing on line the text appears a few seconds after typing.

I did enable it due to the MS DLL thing.

Is there any way to avoid this, I use Ccleaner many times during the day. My system is Vista Home Premium SP2 and I cannot use the secpol thing to configure UAC, and it's not only the virtualized folder some compatibility folder is some apps is also appearing, some apps have to be opened as administrator or it's impossible to save changes in some 3D progs.

[Virtualized folder]

Aethec, thanks for your reply.

Will disable UAC asap en delete all the obsolete files.

Thanks again and have a nice weekend.

[Virtualized folder]

Today for some reason a folder Virtualized was created on my computer.

Found out by running Ccleaner. This is a quite substantial file to delete, so far I did not.

Can I safely delete those files ? Why did they come on the computer in the first place.

Please someone help, the computer slows down and typing is kind of delayed.

Thank you.log.txt

 

Is it possible that the UAC does this, because I enabled it just a few days ago, since the Microsoft's DLL Hijack. Maybe that was not a good idea.

[Startup item]

Thanks for your reply.

Will disable it, don't have the site advisor any more because of the conflict with KIS.

[Startup item]

@Stocker360 : Sorry didn't realize ! Panicked because some other error "buffer overrun", just thought it might be realted.

@Rorschach112 : yep I had only the site Advisor (free) on the computer.

To both of you : thanks for replying.

 

In the meantime I downloaded and ran The Comedian : it performed tasks and disappeared I suppose a report is only made when something is found.

 

Did a scan with Mbam and nothing was found.

 

A full scan with KIS did not find anything either.

[Startup item]

In my startups the following item was added, maybe spyware, I don't know :

Startup Common $McRebootAE5E6DEAA56$.Ink

Can someone please tell what this is, it sure wasn't there before.

Thanks.

My system runs on Vista Home Premium SP1.