comment

sur la page de AdwCleaner

de whisper_man, (20 mars 2015)

Bonjour,

Le répertoire protected créé par une de mes applications est systématiquement mis en quarantaine. Est-ce normal ?
Ci-après un extrait du log:
# AdwCleaner v4.112 - Logfile created 18/03/2015 at 18:01:18
# Updated 09/03/2015 by Xplode
# Database : 2015-03-15.1 [Server]
# Operating system : Windows 7 Enterprise Service Pack 1 (x64)
# Username : XXXXXXX - XXXXXXXXXXXX
# Running from : C:\My Program Files\adwcleaner_4-112_fr_430277.exe
# Option : Cleaning

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Users\XXXXXXX\Documents\protected

***** [ Scheduled tasks ] *****


Par avance merci de votre aide.

comment

sur la page de AdwCleaner

de Alain_Gheysens, (10 mars 2015)

Bonjour,
AdwCleaner v4.110, v.4.111 et la nouvelle version v4.112 mentionnent 3 clés appartenant à AVS dont je reprend le contenu partiel ci-dessous.
[HKEY_LOCAL_MACHINESOFTWAREWow6432NodeClassesCLSID{28C02550-6572-401a-A2AE-5BC703C9BBA6}InprocServer32]
@="C:Program Files (x86)Common FilesAVSMediaActiveXAVSAudioDXPlayer3.dll"
[HKEY_LOCAL_MACHINESOFTWAREWow6432NodeClassesCLSID{A1CCCE0D-AE21-42A2-BE58-8E6109410995}InprocServer32]
@="C:Program Files (x86)Common FilesAVSMediaActiveXAVSAudioDxPlayer4.dll"
[HKEY_LOCAL_MACHINESOFTWAREWow6432NodeClassesCLSID{CD4D7B0F-45C6-4bb2-A1E7-54D1754E7FC5}InprocServer32]
@="C:Program Files (x86)Common FilesAVSMediaActiveXAVSAudioDXTransform3.dll"

Je l'ai ai déjà signalés auparavant et pense qu'il s'agit de faux positifs car ces clés semblent nécessaires au logiciel AVS4YOU.
Pourriez vous me renseigner, s'il vous plait, par email
D'avance merci

comment

sur la page de AdwCleaner

de Alain_Gheysens, (07 mars 2015)

Bonjour,
AdwCleaner v4.110 et la nouvelle version v4.111 mentionnent 3 clés appartenant à AVS dont je reprend le contenu partiel ci-dessous.
[HKEY_LOCAL_MACHINESOFTWAREWow6432NodeClassesCLSID{28C02550-6572-401a-A2AE-5BC703C9BBA6}InprocServer32]
@="C:Program Files (x86)Common FilesAVSMediaActiveXAVSAudioDXPlayer3.dll"
[HKEY_LOCAL_MACHINESOFTWAREWow6432NodeClassesCLSID{A1CCCE0D-AE21-42A2-BE58-8E6109410995}InprocServer32]
@="C:Program Files (x86)Common FilesAVSMediaActiveXAVSAudioDxPlayer4.dll"
[HKEY_LOCAL_MACHINESOFTWAREWow6432NodeClassesCLSID{CD4D7B0F-45C6-4bb2-A1E7-54D1754E7FC5}InprocServer32]
@="C:Program Files (x86)Common FilesAVSMediaActiveXAVSAudioDXTransform3.dll"

Je pense qu'il s'agit de faux positifs car ces clés semblent nécessaires.
D'avance merci

comment

sur la page de AdwCleaner

de ****, (06 mars 2015)

Je confirme :
La suppression du dossier "C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\***.default\Extensions\{3b56bcc7-54e5-44a2-9b44-66c3ef58c13e}" enlève le module de Firefox HTML Validator et la supression du dossier "C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\icpgjfneehieebagbmdbhnlpiopdcmna" "casse" sans enlever le module de Chrome New Tab Redirect.
Ça se corrige facilement, mais ce n'est pas très propre pour ce petit utilitaire sympathique.

comment

sur la page de AdwCleaner

de mmm, (03 mars 2015)

Bonjour malgré la derniere version d'AdwCleaner il y a toujours 3 faux positifs concerant 3 logiciels sain.
Il s'agit de LastPass (je n ai pas de rapport car un ami m a dit qu il y avait faux positifs.
Concernant les 2 autres il s'agit d'IDM http://www.internetdownloadmanager.com/download.html

Clé Trouvée : HKLM\SOFTWARE\Classes\CLSID\{0055C089-8582-441B-A0BF-17B458C2A3A8}
Clé Trouvée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0055C089-8582-441B-A0BF-17B458C2A3A8}
Clé Trouvée : [x64] HKLM\SOFTWARE\Classes\CLSID\{0055C089-8582-441B-A0BF-17B458C2A3A8}
Clé Trouvée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0055C089-8582-441B-A0BF-17B458C2A3A8}

et de la nouvelle version 15 de Driver Genius http://www.driver-soft.com/
Dossier Trouvé : C:\Program Files (x86)\driver-soft
Dossier Trouvé : C:\ProgramData\drivergenius
Dossier Trouvé : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\driver genius
Fichier Trouvé : C:\Users\m\Desktop\Driver Genius.lnk

***** [ Tâches planifiées ] *****


***** [ Raccourcis ] *****


***** [ Registre ] *****

Clé Trouvée : HKLM\SOFTWARE\Classes\CLSID\{059EACC2-1ABE-49E8-928D-DC8BD355B7A9}
Clé Trouvée : HKLM\SOFTWARE\Driver-Soft
Clé Trouvée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Driver Genius_is1

comment

sur la page de AdwCleaner

de ****, (26 février 2015)

McAfee seems to have a problem with the newest update. It quarantines the exe file. Please see this thread:

https://community.mcafee.com/thread/78134

comment

sur la page de AdwCleaner

de ****, (22 février 2015)

Got rid of 'Client.exe"...very happy... this file was killing my Firefox browser with "ad.doubleclick.net"...would not let me browse...Adware,Malware,Defender did not detect "Client.exe"..thank you!..*john wjbr@sympatico.ca

comment

sur la page de AdwCleaner

de anonsubmitter, (07 février 2015)

False positives (it's a legitimate VPN extension):
C:\Users\User\AppData\Local\Hola
HKLM\SOFTWARE\Google\Chrome\Extensions\ncffjdbbodifgldkcbhmiiljfcbgjag

If I remember correctly there's also a false positive for the Hola Unblocker Firefox add-on. However, the Firefox add-on stopped working for me - possibly due to AdwCleaner cleaning away files needed for it to work - and re-installing it doesn't help, so I can't submit a report for that add-on. The add-on can be installed from here if anyone wants to have a look at it: http://hola.org/

comment

sur la page de AdwCleaner

de ****, (05 février 2015)

@cocochepeau Hi, As, after AdwCleaner requested to restart the computer after scan and clean, I was not able to log in anymore into the standard account from where I ran AdwCleaner, Therefore I didn't get the report, but I guess it should still be somewhere on my computer. I ran again AdwCleaner but with starting the scan, just to see if it sees the report, but the Report button is grayed out. I downloaded several versions of AdwCleaner, so I may not ran the same version. I don't know if that matters. On the other hand, if I press uninstall (without actually starting the uninstall) I see the files from the quarantine, but not the changes made to the registry. For the files you may take a look at: http://1drv.ms/16uCsum

comment

sur la page de AdwCleaner

de Me1, (03 février 2015)

@cocochepeau

Here are most of the entries I could find. I believe the Hotspot Shield drivers might be the culprit. One user had a driver inside Device Manager. Replacing that driver with one from another working computer seems to have corrected the connection issue.

Folder Deleted : C:\ProgramData\hotspot shield

Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\hotspot shield

Folder Deleted : C:\Program Files (x86)\hotspot shield

Folder Deleted : C:\Windows\SysWOW64\hotspot shield

File Deleted : C:\Windows\System32\drivers\taphss6.sys

File Deleted : C:\Windows\System32\drivers\hssdrv6.sys

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\hotspotshield

Key Deleted : HKLM\SOFTWARE\hotspotshield

Key Deleted : HKCU\Software\anchorfree

Folder Found : C:\Users\Sid\AppData\Roaming\hotspot shield

Folder Found : C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\hotspot shield