The network has a new infection called - texteditor.
C:\Users\User\AppData\Roaming\TextEditor\Daemon\TextEditor
Located in the startup. Opens the search engine created by fraudsters.
It would be nice if the author can add the cure against this infection in his program.
Sorry for my bad English.I used a Google translator))
AdwCleaner v5.025 can`t remove 2 records:
[C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] s3-tool.en.softonic.com
[C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] nkcpopggjcjkiicpenikeogioednjeac
I believe this is a false positive detection and it is related to Toolbar Buttons add-on.
***** [ Web browsers ] *****
[C:\Users\xxxxx\AppData\Roaming\8pecxstudios\Cyberfox\Profiles\xxxxxxx.default\prefs.js] [Preference] Found : user_pref("browser.uiCustomization.state", "{\"placements\":{\"PanelUI-contents\":[\"edit-controls\",\"zoom-controls\",\"new-window-button\",\"privatebrowsing-button\",\"save-page-button\",\"print-but[...]
Toolbar Buttons
https://addons.mozilla.org/en-US/firefox/addon/toolbar-buttons/?src=ss
TESTIMONIAL For AdwCleaner -- World's Best Free Cleaner for Treacherous Malware
I discovered AdwCleaner at the Malwarebytes forums. It is one of the primary tools used by the AV experts there.
I used AdwCleaner for several years whenever I believe my active PAID AV protection failed to detect a threat.
AdwCleaner saved my PC SEVERAL times from Virus Hell!
THANK YOU EVER SO MUCH FOR AdwCleaner, Mr. Xplode.
(WARNING for Novice Users: Unless you are very knowledgeable about the Windows Registry, think twice about using AdwCleaner to delete potentially infected registry keys. If AdwCleaner says you have infected registry keys, go to the Malwarebytes forum and ask for a second opinion from an expert before messing with your Windows Registry.)
Version 5.018 wird derzeit von Avast! Free als Malware erkannt und am Start gehindert. Die Meldung lautet Win32:Evo-gen [Susp]. Ich hab das mal als False Positive gemeldet.
Version 5.013 is moving any folder named as 'AP' to quarantine. My whole company is using AP as short form for Accounts payable.
I just cleaned up a dozen of them :( Thank God i was able recover them from quarantine
I noticed AdwCleaner is detecting 'Adobe Flash Player Updater' under Scheduled Tasks. This is a legitimate Adobe Flash Updater task and should be fixed.
AdwCleaner v5.009
Database : 2015-09-27.1 [Server]
bonjour et merci pour ton logiciel :)
je viens jute de scaner mon PC et j'ai un dote sur les objet trouvé
notamment des lignes dans le registre voici le rapport peut tu me donner ton avis merci...
# AdwCleaner v5.008 - Rapport créé le 20/09/2015 à 20:03:53
# Mis à jour le 18/09/2015 par Xplode
# Base de données : 2015-09-20.1 [Serveur]
# Système d'exploitation : Windows 7 Home Premium Service Pack 1 (x64)
# Nom d'utilisateur : Stephane - STEPHANE-PC
# Exécuté depuis : C:\Users\Stephane\Downloads\adwcleaner_5.008.exe
# Option : Scanner
# Support : http://toolslib.net/forum
***** [ Services ] *****
***** [ Dossiers ] *****
***** [ Fichiers ] *****
Fichier Trouvé : C:\Users\Stephane\AppData\Roaming\Mozilla\Firefox\Profiles\ue01mraa.moi-steph\user.js
***** [ Raccourcis ] *****
***** [ Tâches planifiées ] *****
***** [ Registre ] *****
Clé Trouvée : HKLM\SOFTWARE\Classes\Record\{2009AF2F-5786-3067-8799-B97F7832FDD6}
Clé Trouvée : HKLM\SOFTWARE\Classes\Record\{425E7597-03A2-338D-B72A-0E51FFE77A7E}
Clé Trouvée : HKLM\SOFTWARE\Classes\Record\{915BB7D5-082E-3B91-B1E0-45B5FDE01F24}
Clé Trouvée : HKLM\SOFTWARE\Classes\Record\{FB2E65F4-5687-33EF-9BBF-4E3C9C98D3B9}
Clé Trouvée : HKLM\SOFTWARE\Google\Chrome\Extensions\jbolfgndggfhhpbnkgnpjkfhinclbigj
Clé Trouvée : HKCU\Software\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
***** [ Navigateurs ] *****
########## EOF - C:\AdwCleaner\AdwCleaner[S14].txt - [1219 octets] ##########
Bonjour, Depuis la version 5.008, Adwcleaner me trouve comme fichier
C:\Users\xxxx\AppData\Roaming\ProductData il me dit supprimer quand je fais un nettoyage et quand je repasse le scan il me trouve tjr pareil et ne supprime rien en faite
cordialement
Is there a bug in 5,008 it advises to delete files in c:/program data/product data which contains loads of files ?
