AdwCleaner updates and discussion thread

v3.310 - 12/09/14
- Database update

Changes:
http://general-changelog-team.fr/~xplode/Changelogs/CG_AdwCleaner_EN.txt
Download:
https://toolslib.net/downloads/viewdownload/1-adwcleaner/

 

I don't run ADW, but other engineers in our NOC are known to run it. I usually start with MBAM On-Demand, then migrade to Emsisoft (EK), and a final check with HerdProtect. If the machine is Win7 or earlier I tend to just run EEK then follow that with Combofix. Obviously manual removals are pretty common even with these tools. Almost every extensive repair I do is followed up with Tweaking.com's Windows Repair (AIO), it saves several hours of time a day for us. http://www.tweaking.com/content/page/windows_repair_all_in_one.html

Rarely do I have to use anything more than this other than manual work of course.

 

I ran AIO a few weeks ago and run SFC.EXE often...http://support.microsoft.com/kb/929833/en-us

 

v3.311 - 30/09/14
- Database update
- False positive fixed

Changes:
http://general-changelog-team.fr/~xplode/Changelogs/CG_AdwCleaner_EN.txt
Download:
https://toolslib.net/downloads/viewdownload/1-adwcleaner/

 

Loving ADW.. I've been converted by the other engineers in the NOC.

 

Not sure this been covered already but Norton's new all in one quarantines the program. It clears the download exe but it's sonar does not like it. see screen shots.

 

Thats a product of the new more aggressive SONAR - from the enterprise version. The good news is, Norton now catches A LOT of Greyware.. Bad news is in some cases- this happens.

 

http://general-changelog-team.fr/~xplode/Changelogs/CG_AdwCleaner_EN.txt

https://toolslib.net/downloads/viewdownload/1-adwcleaner/

 

Version 4.000 may require at least two (2) IP addresses be firewall "trusted" as multiple downloads may occur with each execution. Of course the exact IP addresses could depend on your system's geographic location. YMMV.

A new executable (Aut2Exec) may also need to be "trusted".

This version returns a 5/55 from VirusTotal.com, and that's not surprising for some malware removal utilities/tools. Of course the 5/55 should be ignored as FP's. Sincere congratulations go out to the developer/author Xplode for this ever increasing popular application.

 

its autoit 3.3.12.0 - see https://www.autoitscript.com/site/autoit/downloads/

 

v4.001 - 20/10/14
- Added registry keys to search :
HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage
HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility
- Updated generic detections
- Added generic detection for "tracing" keys

Changes:
http://general-changelog-team.fr/~xplode/Changelogs/CG_AdwCleaner_EN.txt
Download:
https://toolslib.net/downloads/viewdownload/1-adwcleaner/

 

It's a shame that it still does not let you select every file and registry key for a particular item found at once.

This is a real problem if there are things found that you don't want to removed, as it is a hassle having to deselect every trace one by one. What makes it worse is that it is not clear what program some traces found belong to, since there is no identification of what each trace belong to.

I just did a scan, and I want to keep most of the items found. Becuase it's not clear what software some found registry keys belong to, it's easiest for me to not clean anything at all.

If you have a computer with lots of unwanted garbage, or adware toolbars and you want to remove everything found, then AdwCleaner really is an excellent tool, and works well. If, however you want some things to remain, it
becomes a real hassle. The same issue applies to Adware Removal Tool, which has a GUI which is very similar to AdwCleaner.

 

@LagerX
Thank you for the update, but i 'm a little bit confused of the result.

@Roger m
Same as you lot of items detected, but are they really threats?. I don't use IE (deactivated in Windows Features).

I need to know
Thanks
Rules.

 

I have same experience. I did check those registry keys and while some of them are fishy (probably good to remove), some were OK as far as I know... We'll see

 

Yes i did check too in the registry, and i wonder if these keys are here because of i 've actually several free software installed, which ask during the setup to install crappy freeware (offers during install), so basically the key could be stored, but set as inactive cause of my denied during install, so i also think they are safe to be deleted, but like you said We'll see.

Rules.

 

Anyone notice ADWCleaner getting snagged by AV's and UTM's now?

Sonicwall is the latest one to block it.

 

Xplodes' AdwCleaner has continually been assessed with one to five false positives with VirusTotal.com for years. But that is quite common for malware removal utilities.

Cheers.

 

Redownload it and check. Mine fixed now

 

I don't really want to clean anything here...

***** [ Registry ] *****

Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{74F475FA-6C75-43BD-AAB9-ECDA6184F600}
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SearchSettings_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SearchSettings_RASMANCS

***** [ Browsers ] *****

-\\ Internet Explorer v9.0.8112.16563


-\\ Google Chrome v36.0.1985.143

[ File : C:\Users\Bruce\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Found [Search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms}
Found [Search Provider] : hxxp://en.softonic.com/s/{searchTerms}
Found [Search Provider] : hxxp://nortonsafe.search.ask.com/videos?q={searchTerms}&geo=&prt=&o=&chn=&ver=&tpr=10
Found [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
Found [Extension] : djkncpfhommbpbjihphicfpmfjpeddco

 

Why not? A quick Google search suggests there are no false positives here.

 

Still registers 2/54 at VirusTotal.com but those are still false positives.

 

v4.002 - 27/10/14
- Updated generic detections
- Fixed bugs

Changes:
http://general-changelog-team.fr/~xplode/Changelogs/CG_AdwCleaner_EN.txt
Download:
https://toolslib.net/downloads/viewdownload/1-adwcleaner/

 

Some info about why the latest version remain to v 3.311

http://forum.general-changelog-team.fr/viewtopic.php?f=53&t=1055

Rules.

 

v4.100 - 08/11/14
- Fixed bug in EIFL research module
- Added generic detection for SearchScopes keys
- New method to manage Chrome preferences
- New method to manage Firefox preferences

Changes:
http://general-changelog-team.fr/~xplode/Changelogs/CG_AdwCleaner_EN.txt
Download:
https://toolslib.net/downloads/viewdownload/1-adwcleaner/

 

v4.101 - 09/11/14
- Bug fixed ( Firefox files/folders detection )
- Bug fixed ( AdwCleaner's file deletion )
- Bug fixed ( Uninstall )
- Fixed display bug in logfile
- Updated logfile header

Changes:
http://general-changelog-team.fr/~xplode/Changelogs/CG_AdwCleaner_EN.txt
Download:
https://toolslib.net/downloads/viewdownload/1-adwcleaner/