I used Adwcleaner last night, it finally got rid of something nasty in my firefox browser. I'd run 2 tools from Microsoft that came back saying that everything was clean. I'd also tried other anti-spyware tools that the internet said could delete my problem, but after hours of scanning my disk they did nothing. Adwcleaner took less time and actually worked. Bravo!
Bonjour,
AppData\Roaming\Mozilla\Firefox\Profiles\lhswaeu4.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi
Il me semble que cela appartient à Video DownloadHelper. C'est un module complémentaire de Firefox.
Faux positif ?
Cordialement.
Getting false detection, running Windows 10 tech preview build 10130
file doesn't seem to be signed by MS though.
# AdwCleaner v4.206 - Logfile created 07/06/2015 at 13:09:47
# Updated 01/06/2015 by Xplode
# Database : 2015-06-05.1 [Server]
# Operating system : Windows 10 Pro Insider Preview (x64)
# Username : kyoden - KYODEN-PC
# Running from : D:\Downloads\adwcleaner_4.206.exe
# Option : Scan
***** [ Services ] *****
Service Found : SensorDataService
***** [ Files / Folders ] *****
File Found : C:\WINDOWS\System32\SensorDataService.exe
http://virusscan.jotti.org/en/scanresult/4728fb836ba1522de2bd6fba0cc8bd877535f49b
https://www.virustotal.com/en/file/5048330a51ba3fb785407403159a5eac6fbf002d5c8a540c8765b73008f7bf63/analysis/1433700745/
Version 4.206 after the start of scanning stops with an error in the journal 0xc0000005.
DEP enabled for all services and applications.
Windows 7 х86.
- <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
- <System>
<Provider Name="Application Error" />
<EventID Qualifiers="0">1000</EventID>
<Level>2</Level>
<Task>100</Task>
<Keywords>0x80000000000000</Keywords>
<TimeCreated SystemTime="2015-06-07T14:21:34.000000000Z" />
<EventRecordID>474369</EventRecordID>
<Channel>Application</Channel>
<Computer>OLEGOS-PC</Computer>
<Security />
</System>
- <EventData>
<Data>adwcleaner_4.206.exe</Data>
<Data>4.2.0.6</Data>
<Data>556b7f98</Data>
<Data>unknown</Data>
<Data>0.0.0.0</Data>
<Data>00000000</Data>
<Data>c0000005</Data>
<Data>06ef79be</Data>
<Data>106c</Data>
<Data>01d0a12d3b6dc79a</Data>
<Data>C:\Users\OLEGOS\Desktop\adwcleaner_4.206.exe</Data>
<Data>unknown</Data>
<Data>7f775a2d-0d20-11e5-bd97-8c89a56f25d1</Data>
</EventData>
</Event>
Xplode, thank you for a great tool. Recently I came across a malware auto-reinstaller that AdwCleaner v4.205 does not detect. I completely removed it using Malwarebytes Anti-Malware program.
Log files (and any other data ) available upon request.
Here are the details:
AdwCleaner removed all malware, but it would reinstall after about 5 minutes. I do not know which was the undetected culprit, but here is a list of everything Malwarebytes removed:
PUP.Optional.MultiPlug.Gen, PUP.Optional.ModGoog, PUP.Optional.GigaClicks.A, PUP.Optional.SearchProtect, PUP.Optional.EduApp.A, PUP.Optional.GigaClicks.C, PUP.Optional.Infonaut.A, PUP.Optional.SuperClick.A, PUP.Optional.CrossRider.C, PUP.Optional.Coupoon.A, PUP.Optional.CinemaPlus.A, PUP.Optional.Shopperz.A,PUP.Optional.MBot.A,PUP.Optional.GamesDesktop.A,PUP.Optional.MultiPlug.A,PUP.Optional.CrossBrowse.C,PUP.Optional.BundleInstaller.A,PUP.Optional.SearchProtect.A,PUP.Optional.GlobalUpdate.A,PUP.Optional.Trovi.A,PUP.Optional.Appmgr.A,PUP.Optional.JellySplit.Gen.A,PUP.Optional.Tuto4PC.A,PUP.Optional.SmartWeb.A,PUP.Optional.CrossBrowse, PUP.Optional.CrossRider.A,PUP.Optional.Imali.SID.A,PUP.Optional.Bundle,PUP.Optional.CheckOffer, PUP.Optional.BrowseFox, PUP.Optional.OfferInstaller.C,PUP.Optional.PCOptimizerPro,PUP.Optional.WebBar.A,PUP.Optional.Tuto4PC.A,
PUP.Optional.SuperClick.A,PUP.Optional.Conduit.A,PUP.Optional.ModGoog,PUP.Optional.Amonetize,PUP.Optional.SearchProtect,PUP.Optional.SndVol.A,PUP.Optional.ABEngine.A,PUP.Optional.Vitruvian.A,PUP.Optional.GlobalUpdate.A,PUP.Optional.Trovi.A.
First of all: I Love AdwCleaner. It only deletes the following keys that are used for Exact Globe (See: http://www.exact.nl/ ) HKCU\Software\eXact, HKLM\SOFTWARE\eXact, HKU\.DEFAULT\Software\eXact, HKCY64\Software\eXact. When these are deleted i cannot use the program. After an ''recheck of all files'' it works again.
j avais téléchargé \Between Lines# que j ai supprimé dans les extensions sur firefox mais pour être tranquille j ai téléchargé Adw cleaner ,j aimerais savoir si je dois supprimer ce que Adw cleaner trouve ou pas car dans l ignorance je lui ai fait supprimer seulement between lines , inutile de vs dire que je n y comprends pas grand chose ! merci d avance Option : Nettoyer
***** [ Services ] *****
***** [ Fichiers / Dossiers ] *****
[x] Non Supprimé : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverWhiz
Dossier Supprimé : C:\Program Files (x86)\Between Lines
[x] Non Supprimé : C:\Users\Nicole\AppData\Roaming\Mozilla\Firefox\Profiles\xb4g5o81.default\user.js
***** [ Tâches planifiées ] *****
***** [ Raccourcis ] *****
***** [ Registre ] *****
[x] Non Supprimée : HKLM\SOFTWARE\Classes\AppID\WMHelper.DLL
[x] Non Supprimée : HKLM\SOFTWARE\Classes\AppID\{A7DDCBDE-5C86-415C-8A37-763AE183E7E4}
[x] Non Supprimée : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
[x] Non Supprimée : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
[x] Non Supprimée : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
[x] Non Supprimée : [x64] HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
[x] Non Supprimée : [x64] HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
[x] Non Supprimée : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
[x] Non Supprimée : HKCU\Software\eSupport.com
[x] Non Supprimée : HKCU\Software\DriverWhiz
[x] Non Supprimée : HKCU\Software\Local AppWizard-Generated Applications
[x] Non Supprimée : [x64] HKCU\Software\eSupport.com
[x] Non Supprimée : [x64] HKCU\Software\DriverWhiz
[x] Non Supprimée : [x64] HKCU\Software\Local AppWizard-Generated Applications
[x] Non Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride]
***** [ Navigateurs ] *****
-\\ Internet Explorer v11.0.9600.17416
-\\ Mozilla Firefox v37.0.2 (x86 fr)
-\\ Opera v0.0.0.0
*************************
AdwCleaner[R0].txt - [2120 octets] - [27/04/2015 10:42:54]
AdwCleaner[S0].txt - [2100 octets] - [27/04/2015 10:45:57]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2160 octets] ##########
Super nettoyage après infection de Firefox et IExplorer, suite à une installation d'un logiciel de téléchargement.
L'antivirus n'a rien pu faire!
# Exécuté depuis : D:\LogPortbl\Adwcleaner\adwcleaner_4.202.exe
# Option : Nettoyer
***** [ Services ] *****
[#] Service Supprimé : IHProtect Service
***** [ Fichiers / Dossiers ] *****
Dossier Supprimé : C:\ProgramData\IHProtectUpDate
Dossier Supprimé : C:\Program Files\XTab
Fichier Supprimé : C:\Users\CRT\AppData\Roaming\Mozilla\Firefox\Profiles\uubmtnwl.default\user.js
***** [ Tâches planifiées ] *****
***** [ Raccourcis ] *****
Raccourci Désinfecté : C:\Users\CRT\Desktop\Mozilla Firefox.lnk
Raccourci Désinfecté : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
Raccourci Désinfecté : C:\Users\CRT\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Raccourci Désinfecté : C:\Users\CRT\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
Raccourci Désinfecté : C:\Users\CRT\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk
Bonsoir,
Cette version 4.201 est en anglais.
J'ai viré le moteur de recherche Ixquick et Yahoo
Pour le reste, mêmes résultats et je ne sais pas si je peux supprimer
J'aimerais avoir votre avis et savoir éventuellement d'où pourrait venir ces services.
# AdwCleaner v4.201 - Logfile created 08/04/2015 at 19:09:25
# Updated 08/04/2015 by Xplode
# Database : 2015-04-08.1 [Server]
# Operating system : Microsoft Windows XP Service Pack 3 (x86)
# Username : sophia -
# Running from : C:\Documents and Settings\sophia\Bureau\adwcleaner_4.201.exe
# Option : Scan
***** [ Services ] *****
Service Found : 36596706
Service Found : 68597101
Service Found : 68597102
***** [ Files / Folders ] *****
File Found : C:\WINDOWS\system32\drivers\36596706.sys
File Found : C:\WINDOWS\system32\drivers\68597101.sys
File Found : C:\WINDOWS\system32\drivers\68597102.sys
***** [ Scheduled tasks ] *****
***** [ Shortcuts ] *****
***** [ Registry ] *****
***** [ Web browsers ] *****
-\\ Internet Explorer v8.0.6001.18702
-\\ Mozilla Firefox v37.0.1 (x86 fr)
-\\ Comodo Dragon v
False positives: Chrome AdBlocker Plus and Click 'n Clean plugins
File Found : C:\Users\Tony\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_pafkbggdmjlpgkdkcbjmhmfcdpncadgh_0.localstorage
File Found : C:\Users\Tony\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_pafkbggdmjlpgkdkcbjmhmfcdpncadgh_0.localstorage-journal