Bonjour,
malheureusement comme beaucoup d'utilisateur de AdwCleaner, après suppression et nettoyage, il y a certaine clefs de registre et autre qui se réinstallent après redémarrage, même après avoir suivis quelques tutos glanés par-ci par-là et check-up via anti-virus et autre anti-malware, ou en désinstallant internet explorer ça persiste....
Le rapport :
# AdwCleaner v4.200 - Rapport créé le 03/04/2015 à 18:40:23
# Mis à jour le 29/03/2015 par Xplode
# Base de données : 2015-03-29.1 [Serveur]
# Système d'exploitation : Windows 7 Home Premium Service Pack 1 (x64)
***** [ Registre ] *****
Clé Trouvée : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Clé Trouvée : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Clé Trouvée : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
***** [ Navigateurs ] *****
-\\ Internet Explorer v9.0.8112.16633
Paramètre Trouvé : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxp://search.conduit.com/?ctid=CT3312375&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=2&UP=SP5E21E627-EFF7-4F7F-9670-F33507C57F2A
-\\ Google Chrome v41.0.2272.118
-\\ Chromium v
Est ce que c'est normal ? faux positif ? pourriez vous me donner la démarche à suivre s'il y en a une pour virer ça, ça serait cool :) et si vous avez des questions sur le système ou autre n’hésitez pas.
merci d'avance pour tous vos efforts et bon courage à vous et à toute l'équipe.
Bonjour malgré la derniere version d'AdwCleaner il y a toujours 3 faux positifs concerant 3 logiciels sain.
Il s'agit de LastPass (je n ai pas de rapport car un ami m a dit qu il y avait faux positifs.
Concernant les 2 autres il s'agit d'IDM http://www.internetdownloadmanager.com/download.html
Clé Trouvée : HKLM\SOFTWARE\Classes\CLSID\{0055C089-8582-441B-A0BF-17B458C2A3A8}
Clé Trouvée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0055C089-8582-441B-A0BF-17B458C2A3A8}
Clé Trouvée : [x64] HKLM\SOFTWARE\Classes\CLSID\{0055C089-8582-441B-A0BF-17B458C2A3A8}
Clé Trouvée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0055C089-8582-441B-A0BF-17B458C2A3A8}
et de la nouvelle version 15 de Driver Genius http://www.driver-soft.com/
Dossier Trouvé : C:\Program Files (x86)\driver-soft
Dossier Trouvé : C:\ProgramData\drivergenius
Dossier Trouvé : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\driver genius
Fichier Trouvé : C:\Users\m\Desktop\Driver Genius.lnk
***** [ Tâches planifiées ] *****
***** [ Raccourcis ] *****
***** [ Registre ] *****
Clé Trouvée : HKLM\SOFTWARE\Classes\CLSID\{059EACC2-1ABE-49E8-928D-DC8BD355B7A9}
Clé Trouvée : HKLM\SOFTWARE\Driver-Soft
Clé Trouvée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Driver Genius_is1
please read "with starting the scan" as "without starting the scan"! In the mean time I tried to do System Restore but that made the computer with even more problems, so I have to roll back to the state left by AdwCleaner.
@cocochepeau Hi, As, after AdwCleaner requested to restart the computer after scan and clean, I was not able to log in anymore into the standard account from where I ran AdwCleaner, Therefore I didn't get the report, but I guess it should still be somewhere on my computer. I ran again AdwCleaner but with starting the scan, just to see if it sees the report, but the Report button is grayed out. I downloaded several versions of AdwCleaner, so I may not ran the same version. I don't know if that matters. On the other hand, if I press uninstall (without actually starting the uninstall) I see the files from the quarantine, but not the changes made to the registry. For the files you may take a look at: http://1drv.ms/16uCsum
@cocochepeau
Here are most of the entries I could find. I believe the Hotspot Shield drivers might be the culprit. One user had a driver inside Device Manager. Replacing that driver with one from another working computer seems to have corrected the connection issue.
Folder Deleted : C:\ProgramData\hotspot shield
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\hotspot shield
Folder Deleted : C:\Program Files (x86)\hotspot shield
Folder Deleted : C:\Windows\SysWOW64\hotspot shield
File Deleted : C:\Windows\System32\drivers\taphss6.sys
File Deleted : C:\Windows\System32\drivers\hssdrv6.sys
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\hotspotshield
Key Deleted : HKLM\SOFTWARE\hotspotshield
Key Deleted : HKCU\Software\anchorfree
Folder Found : C:\Users\Sid\AppData\Roaming\hotspot shield
Folder Found : C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\hotspot shield
Successfully removed "www.mystartsearch.com" from Windows 8.1 x64 Notebook.
After I have tried all to me known procedures including Malwarebyte, Nod32 and other antivirus programs this was the only program that succeeded to remove adaware/virus "www.mystartsearch.com" from my notebook.
Thank you!
Can you please include screenconnect in your ignored processes? Just recently adwcleaner started targeting screen connect for removal. This is one of the most popular remote connection utilities out there so you should be able to ignore it. Their site is screenconnect.com.
Also, I'm surprised so many people are using XP still. I can understand using it on an isolated production system, but for everyone else, I think it's time to move on.
I have just installed and ran it but after I selected all folders, files and registry files to clean it restarted what I saw is Radsteroidsis stiil there in my all programme and showing unwanted add in chrome, please help, does any body have any solution for Radsteroids?
Same problem here, logmein rescue disconnects right before the last ok button to restart. Please fix. Thanks!
@jramos, you are right. Version 3 is working fine. Its happening only with Version 4
-It connects again after restart though.. but still inconvenient