Bonjour,
Le répertoire protected créé par une de mes applications est systématiquement mis en quarantaine. Est-ce normal ?
Ci-après un extrait du log:
# AdwCleaner v4.112 - Logfile created 18/03/2015 at 18:01:18
# Updated 09/03/2015 by Xplode
# Database : 2015-03-15.1 [Server]
# Operating system : Windows 7 Enterprise Service Pack 1 (x64)
# Username : XXXXXXX - XXXXXXXXXXXX
# Running from : C:\My Program Files\adwcleaner_4-112_fr_430277.exe
# Option : Cleaning
***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Deleted : C:\Users\XXXXXXX\Documents\protected
***** [ Scheduled tasks ] *****
…
Par avance merci de votre aide.
Bonjour,
AdwCleaner v4.110, v.4.111 et la nouvelle version v4.112 mentionnent 3 clés appartenant à AVS dont je reprend le contenu partiel ci-dessous.
[HKEY_LOCAL_MACHINESOFTWAREWow6432NodeClassesCLSID{28C02550-6572-401a-A2AE-5BC703C9BBA6}InprocServer32]
@="C:Program Files (x86)Common FilesAVSMediaActiveXAVSAudioDXPlayer3.dll"
[HKEY_LOCAL_MACHINESOFTWAREWow6432NodeClassesCLSID{A1CCCE0D-AE21-42A2-BE58-8E6109410995}InprocServer32]
@="C:Program Files (x86)Common FilesAVSMediaActiveXAVSAudioDxPlayer4.dll"
[HKEY_LOCAL_MACHINESOFTWAREWow6432NodeClassesCLSID{CD4D7B0F-45C6-4bb2-A1E7-54D1754E7FC5}InprocServer32]
@="C:Program Files (x86)Common FilesAVSMediaActiveXAVSAudioDXTransform3.dll"
Je l'ai ai déjà signalés auparavant et pense qu'il s'agit de faux positifs car ces clés semblent nécessaires au logiciel AVS4YOU.
Pourriez vous me renseigner, s'il vous plait, par email
D'avance merci
Bonjour,
AdwCleaner v4.110 et la nouvelle version v4.111 mentionnent 3 clés appartenant à AVS dont je reprend le contenu partiel ci-dessous.
[HKEY_LOCAL_MACHINESOFTWAREWow6432NodeClassesCLSID{28C02550-6572-401a-A2AE-5BC703C9BBA6}InprocServer32]
@="C:Program Files (x86)Common FilesAVSMediaActiveXAVSAudioDXPlayer3.dll"
[HKEY_LOCAL_MACHINESOFTWAREWow6432NodeClassesCLSID{A1CCCE0D-AE21-42A2-BE58-8E6109410995}InprocServer32]
@="C:Program Files (x86)Common FilesAVSMediaActiveXAVSAudioDxPlayer4.dll"
[HKEY_LOCAL_MACHINESOFTWAREWow6432NodeClassesCLSID{CD4D7B0F-45C6-4bb2-A1E7-54D1754E7FC5}InprocServer32]
@="C:Program Files (x86)Common FilesAVSMediaActiveXAVSAudioDXTransform3.dll"
Je pense qu'il s'agit de faux positifs car ces clés semblent nécessaires.
D'avance merci
Je confirme :
La suppression du dossier "C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\***.default\Extensions\{3b56bcc7-54e5-44a2-9b44-66c3ef58c13e}" enlève le module de Firefox HTML Validator et la supression du dossier "C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\icpgjfneehieebagbmdbhnlpiopdcmna" "casse" sans enlever le module de Chrome New Tab Redirect.
Ça se corrige facilement, mais ce n'est pas très propre pour ce petit utilitaire sympathique.
Bonjour malgré la derniere version d'AdwCleaner il y a toujours 3 faux positifs concerant 3 logiciels sain.
Il s'agit de LastPass (je n ai pas de rapport car un ami m a dit qu il y avait faux positifs.
Concernant les 2 autres il s'agit d'IDM http://www.internetdownloadmanager.com/download.html
Clé Trouvée : HKLM\SOFTWARE\Classes\CLSID\{0055C089-8582-441B-A0BF-17B458C2A3A8}
Clé Trouvée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0055C089-8582-441B-A0BF-17B458C2A3A8}
Clé Trouvée : [x64] HKLM\SOFTWARE\Classes\CLSID\{0055C089-8582-441B-A0BF-17B458C2A3A8}
Clé Trouvée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0055C089-8582-441B-A0BF-17B458C2A3A8}
et de la nouvelle version 15 de Driver Genius http://www.driver-soft.com/
Dossier Trouvé : C:\Program Files (x86)\driver-soft
Dossier Trouvé : C:\ProgramData\drivergenius
Dossier Trouvé : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\driver genius
Fichier Trouvé : C:\Users\m\Desktop\Driver Genius.lnk
***** [ Tâches planifiées ] *****
***** [ Raccourcis ] *****
***** [ Registre ] *****
Clé Trouvée : HKLM\SOFTWARE\Classes\CLSID\{059EACC2-1ABE-49E8-928D-DC8BD355B7A9}
Clé Trouvée : HKLM\SOFTWARE\Driver-Soft
Clé Trouvée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Driver Genius_is1
McAfee seems to have a problem with the newest update. It quarantines the exe file. Please see this thread:
https://community.mcafee.com/thread/78134
Got rid of 'Client.exe"...very happy... this file was killing my Firefox browser with "ad.doubleclick.net"...would not let me browse...Adware,Malware,Defender did not detect "Client.exe"..thank you!..*john wjbr@sympatico.ca
False positives (it's a legitimate VPN extension):
C:\Users\User\AppData\Local\Hola
HKLM\SOFTWARE\Google\Chrome\Extensions\ncffjdbbodifgldkcbhmiiljfcbgjag
If I remember correctly there's also a false positive for the Hola Unblocker Firefox add-on. However, the Firefox add-on stopped working for me - possibly due to AdwCleaner cleaning away files needed for it to work - and re-installing it doesn't help, so I can't submit a report for that add-on. The add-on can be installed from here if anyone wants to have a look at it: http://hola.org/
@cocochepeau Hi, As, after AdwCleaner requested to restart the computer after scan and clean, I was not able to log in anymore into the standard account from where I ran AdwCleaner, Therefore I didn't get the report, but I guess it should still be somewhere on my computer. I ran again AdwCleaner but with starting the scan, just to see if it sees the report, but the Report button is grayed out. I downloaded several versions of AdwCleaner, so I may not ran the same version. I don't know if that matters. On the other hand, if I press uninstall (without actually starting the uninstall) I see the files from the quarantine, but not the changes made to the registry. For the files you may take a look at: http://1drv.ms/16uCsum
@cocochepeau
Here are most of the entries I could find. I believe the Hotspot Shield drivers might be the culprit. One user had a driver inside Device Manager. Replacing that driver with one from another working computer seems to have corrected the connection issue.
Folder Deleted : C:\ProgramData\hotspot shield
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\hotspot shield
Folder Deleted : C:\Program Files (x86)\hotspot shield
Folder Deleted : C:\Windows\SysWOW64\hotspot shield
File Deleted : C:\Windows\System32\drivers\taphss6.sys
File Deleted : C:\Windows\System32\drivers\hssdrv6.sys
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\hotspotshield
Key Deleted : HKLM\SOFTWARE\hotspotshield
Key Deleted : HKCU\Software\anchorfree
Folder Found : C:\Users\Sid\AppData\Roaming\hotspot shield
Folder Found : C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\hotspot shield