Xplode, thank you for a great tool. Recently I came across a malware auto-reinstaller that AdwCleaner v4.205 does not detect. I completely removed it using Malwarebytes Anti-Malware program.
Log files (and any other data ) available upon request.
Here are the details:
AdwCleaner removed all malware, but it would reinstall after about 5 minutes. I do not know which was the undetected culprit, but here is a list of everything Malwarebytes removed:
PUP.Optional.MultiPlug.Gen, PUP.Optional.ModGoog, PUP.Optional.GigaClicks.A, PUP.Optional.SearchProtect, PUP.Optional.EduApp.A, PUP.Optional.GigaClicks.C, PUP.Optional.Infonaut.A, PUP.Optional.SuperClick.A, PUP.Optional.CrossRider.C, PUP.Optional.Coupoon.A, PUP.Optional.CinemaPlus.A, PUP.Optional.Shopperz.A,PUP.Optional.MBot.A,PUP.Optional.GamesDesktop.A,PUP.Optional.MultiPlug.A,PUP.Optional.CrossBrowse.C,PUP.Optional.BundleInstaller.A,PUP.Optional.SearchProtect.A,PUP.Optional.GlobalUpdate.A,PUP.Optional.Trovi.A,PUP.Optional.Appmgr.A,PUP.Optional.JellySplit.Gen.A,PUP.Optional.Tuto4PC.A,PUP.Optional.SmartWeb.A,PUP.Optional.CrossBrowse, PUP.Optional.CrossRider.A,PUP.Optional.Imali.SID.A,PUP.Optional.Bundle,PUP.Optional.CheckOffer, PUP.Optional.BrowseFox, PUP.Optional.OfferInstaller.C,PUP.Optional.PCOptimizerPro,PUP.Optional.WebBar.A,PUP.Optional.Tuto4PC.A,
PUP.Optional.SuperClick.A,PUP.Optional.Conduit.A,PUP.Optional.ModGoog,PUP.Optional.Amonetize,PUP.Optional.SearchProtect,PUP.Optional.SndVol.A,PUP.Optional.ABEngine.A,PUP.Optional.Vitruvian.A,PUP.Optional.GlobalUpdate.A,PUP.Optional.Trovi.A.
j'ai la version 4.205 adwcleaner et j'ai une fenêtre "AutoIt Error" Line 17221 (File "C:\Users\....\adwcleaner_4.205.exe")
Error:Array variable has incorrect number of subscripts or subscripts dimension range exceeded.
en cliquant sur 'ok" tout se ferme ...
i discover the mistery..the one on this site is still the old 4.204...
the correct file is on the ext mirror 1:
http://www.bleepingcomputer.com/download/adwcleaner/dl/125/
cheers!!
:)
hi!
first so many thxs again for yr wonderful work!
i've just dl this new vers 4.205 but when i run it it says its the odl one..
so if i go to the properties of the file .exe i see that the number is stil 4.204..
why..?
could you pls help me!
thxs again!
cheers!
:)
AdwCleaner it cleaned AllMyNotes Organizer file, how to save anyone know?
First of all: I Love AdwCleaner. It only deletes the following keys that are used for Exact Globe (See: http://www.exact.nl/ ) HKCU\Software\eXact, HKLM\SOFTWARE\eXact, HKU\.DEFAULT\Software\eXact, HKCY64\Software\eXact. When these are deleted i cannot use the program. After an ''recheck of all files'' it works again.
j avais téléchargé \Between Lines# que j ai supprimé dans les extensions sur firefox mais pour être tranquille j ai téléchargé Adw cleaner ,j aimerais savoir si je dois supprimer ce que Adw cleaner trouve ou pas car dans l ignorance je lui ai fait supprimer seulement between lines , inutile de vs dire que je n y comprends pas grand chose ! merci d avance Option : Nettoyer
***** [ Services ] *****
***** [ Fichiers / Dossiers ] *****
[x] Non Supprimé : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverWhiz
Dossier Supprimé : C:\Program Files (x86)\Between Lines
[x] Non Supprimé : C:\Users\Nicole\AppData\Roaming\Mozilla\Firefox\Profiles\xb4g5o81.default\user.js
***** [ Tâches planifiées ] *****
***** [ Raccourcis ] *****
***** [ Registre ] *****
[x] Non Supprimée : HKLM\SOFTWARE\Classes\AppID\WMHelper.DLL
[x] Non Supprimée : HKLM\SOFTWARE\Classes\AppID\{A7DDCBDE-5C86-415C-8A37-763AE183E7E4}
[x] Non Supprimée : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
[x] Non Supprimée : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
[x] Non Supprimée : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
[x] Non Supprimée : [x64] HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
[x] Non Supprimée : [x64] HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
[x] Non Supprimée : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
[x] Non Supprimée : HKCU\Software\eSupport.com
[x] Non Supprimée : HKCU\Software\DriverWhiz
[x] Non Supprimée : HKCU\Software\Local AppWizard-Generated Applications
[x] Non Supprimée : [x64] HKCU\Software\eSupport.com
[x] Non Supprimée : [x64] HKCU\Software\DriverWhiz
[x] Non Supprimée : [x64] HKCU\Software\Local AppWizard-Generated Applications
[x] Non Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride]
***** [ Navigateurs ] *****
-\\ Internet Explorer v11.0.9600.17416
-\\ Mozilla Firefox v37.0.2 (x86 fr)
-\\ Opera v0.0.0.0
*************************
AdwCleaner[R0].txt - [2120 octets] - [27/04/2015 10:42:54]
AdwCleaner[S0].txt - [2100 octets] - [27/04/2015 10:45:57]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2160 octets] ##########
Super nettoyage après infection de Firefox et IExplorer, suite à une installation d'un logiciel de téléchargement.
L'antivirus n'a rien pu faire!
# Exécuté depuis : D:\LogPortbl\Adwcleaner\adwcleaner_4.202.exe
# Option : Nettoyer
***** [ Services ] *****
[#] Service Supprimé : IHProtect Service
***** [ Fichiers / Dossiers ] *****
Dossier Supprimé : C:\ProgramData\IHProtectUpDate
Dossier Supprimé : C:\Program Files\XTab
Fichier Supprimé : C:\Users\CRT\AppData\Roaming\Mozilla\Firefox\Profiles\uubmtnwl.default\user.js
***** [ Tâches planifiées ] *****
***** [ Raccourcis ] *****
Raccourci Désinfecté : C:\Users\CRT\Desktop\Mozilla Firefox.lnk
Raccourci Désinfecté : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
Raccourci Désinfecté : C:\Users\CRT\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Raccourci Désinfecté : C:\Users\CRT\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
Raccourci Désinfecté : C:\Users\CRT\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk
Bonsoir,
Cette version 4.201 est en anglais.
J'ai viré le moteur de recherche Ixquick et Yahoo
Pour le reste, mêmes résultats et je ne sais pas si je peux supprimer
J'aimerais avoir votre avis et savoir éventuellement d'où pourrait venir ces services.
# AdwCleaner v4.201 - Logfile created 08/04/2015 at 19:09:25
# Updated 08/04/2015 by Xplode
# Database : 2015-04-08.1 [Server]
# Operating system : Microsoft Windows XP Service Pack 3 (x86)
# Username : sophia -
# Running from : C:\Documents and Settings\sophia\Bureau\adwcleaner_4.201.exe
# Option : Scan
***** [ Services ] *****
Service Found : 36596706
Service Found : 68597101
Service Found : 68597102
***** [ Files / Folders ] *****
File Found : C:\WINDOWS\system32\drivers\36596706.sys
File Found : C:\WINDOWS\system32\drivers\68597101.sys
File Found : C:\WINDOWS\system32\drivers\68597102.sys
***** [ Scheduled tasks ] *****
***** [ Shortcuts ] *****
***** [ Registry ] *****
***** [ Web browsers ] *****
-\\ Internet Explorer v8.0.6001.18702
-\\ Mozilla Firefox v37.0.1 (x86 fr)
-\\ Comodo Dragon v
False positives: Chrome AdBlocker Plus and Click 'n Clean plugins
File Found : C:\Users\Tony\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_pafkbggdmjlpgkdkcbjmhmfcdpncadgh_0.localstorage
File Found : C:\Users\Tony\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_pafkbggdmjlpgkdkcbjmhmfcdpncadgh_0.localstorage-journal