Hi
I have downloaded a newer version of adwcleaner 4.113, still it cannot detect and remove the infected Babylon registry keys...
secman.DLL\
HKLM\SOFTWARE\Classes\AppID\
secman.OutlookSecurityManager.1\
HKLM\SOFTWARE\Classes\
secman.OutlookSecurityManager\
HKLM\SOFTWARE\Classes\
secman.DLL\
HKLM\SOFTWARE\Classes\Wow6432Node\AppID\
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{2EECD738-5844-4A99-B4B6-146BF802613B}]
"DllName"="BabylonToolbar.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}]
"DllName"="BabylonToolbar.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{98889811-442D-49DD-99D7-DC866BE87DBC}]
"DllName"="BabylonToolbarTlbr.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Extension Compatibility\{2EECD738-5844-4A99-B4B6-146BF802613B}]
"DllName"="BabylonToolbar.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Extension Compatibility\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}]
"DllName"="BabylonToolbar.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Extension Compatibility\{98889811-442D-49DD-99D7-DC866BE87DBC}]
"DllName"="BabylonToolbarTlbr.dll"
False positives: Chrome AdBlocker Plus and Click 'n Clean plugins
File Found : C:\Users\Tony\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_pafkbggdmjlpgkdkcbjmhmfcdpncadgh_0.localstorage
File Found : C:\Users\Tony\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_pafkbggdmjlpgkdkcbjmhmfcdpncadgh_0.localstorage-journal
After running AdwareCleaner, cleaning most of the results, and rebooting, this is what s going on
My BitComet (torrents) clients still works fine, but everything else internet-related doesnt seems to connect, like Skype, Avast updating, and all browsers.
Is there any way to reverse the process?
Thank You
Bonjour,
Le répertoire protected créé par une de mes applications est systématiquement mis en quarantaine. Est-ce normal ?
Ci-après un extrait du log:
# AdwCleaner v4.112 - Logfile created 18/03/2015 at 18:01:18
# Updated 09/03/2015 by Xplode
# Database : 2015-03-15.1 [Server]
# Operating system : Windows 7 Enterprise Service Pack 1 (x64)
# Username : XXXXXXX - XXXXXXXXXXXX
# Running from : C:\My Program Files\adwcleaner_4-112_fr_430277.exe
# Option : Cleaning
***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Deleted : C:\Users\XXXXXXX\Documents\protected
***** [ Scheduled tasks ] *****
…
Par avance merci de votre aide.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{2EECD738-5844-4A99-B4B6-146BF802613B}]
"DllName"="BabylonToolbar.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}]
"DllName"="BabylonToolbar.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{98889811-442D-49DD-99D7-DC866BE87DBC}]
"DllName"="BabylonToolbarTlbr.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Extension Compatibility\{2EECD738-5844-4A99-B4B6-146BF802613B}]
"DllName"="BabylonToolbar.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Extension Compatibility\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}]
"DllName"="BabylonToolbar.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Extension Compatibility\{98889811-442D-49DD-99D7-DC866BE87DBC}]
"DllName"="BabylonToolbarTlbr.dll"
So windows 7 64 bit with chrome 41.0.2272.89m (64 bit)
Probabile false positive
***** [ Registry ] *****
Chiave Trovato : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Google helper update
Bonjour,
je viens de mettre à jour le logiciel adwcleaner et je viens d'effectuer une analyse.
est ce que la clé se situant dans le registre est un faux positif ?
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet setting
merci d'avance pour votre réponse
Je confirme :
La suppression du dossier "C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\***.default\Extensions\{3b56bcc7-54e5-44a2-9b44-66c3ef58c13e}" enlève le module de Firefox HTML Validator et la supression du dossier "C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\icpgjfneehieebagbmdbhnlpiopdcmna" "casse" sans enlever le module de Chrome New Tab Redirect.
Ça se corrige facilement, mais ce n'est pas très propre pour ce petit utilitaire sympathique.
It was a problem with Firefox 36.0.
Everything is fine after I updated Firefox to version 36.0.1.
Bonjour ,
Si quelqu'un me m'aider !!!! dans le rapport avec AdwCleaner ,il ressors les virus ci dessous !!! Comment faut-il que je fasse pour les supprimer? merci à vous .
Dossier Trouvé : C:\Users\armant\AppData\Local\HealthAlert
Clé Trouvée : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\superfish.com
Clé Trouvée : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.superfish.com