//////// v3.309 - 02/09/14 //////// FR
- Mise à jour majeure de la base de données
- Correction de FP
//////// v3.309 - 02/09/14 //////// ENG
- Major database update
- False positive fixed
Also cannot download as Norton blocks and removes it. Here is copy of Norton details:
Filename: adwcleaner[1].exe
Threat name: Trojan.Gen.SMH
Full Path: c:\users\admin\appdata\local\microsoft\windows\temporary internet files\content.ie5\0xz70k18\adwcleaner[1].exe
____________________________
Details
Unknown Community Usage, Unknown Age, Risk High
Origin
Downloaded from
http://download.bleepingcomputer.com/dl/ccc7b1be60ac8b673cbab8cd91aea0c9/5405e713/windows/security/security-utilities/a/adwcleaner/AdwCleaner.exe
Activity
Actions performed: Actions performed: 1
____________________________
On computers as of
9/2/2014 at 8:45:45 AM
Last Used
9/2/2014 at 9:49:52 AM
Startup Item
No
Launched
No
____________________________
Unknown
It is unknown how many users in the Norton Community have used this file.
Unknown
This file release is currently not known.
High
This file risk is high.
Threat type: Virus. Programs that infect other programs, files, or areas of a computer by inserting themselves or attaching themselves to that medium.
___________________________
http://download.bleepingcomputer.com/dl/ccc7b1be60ac8b673cbab8cd91aea0c9/5405e713/windows/security/security-utilities/a/adwcleaner/AdwCleaner.exe
Downloaded File adwcleaner[1].exe Threat name: Trojan.Gen.SMH
from bleepingcomputer.com
Source: External Media
adwcleaner[1].exe
___________________________
File Actions
File: c:\Users\ADMIN\AppData\Local\microsoft\Windows\temporary internet files\Content.IE5\0XZ70K18\ adwcleaner[1].exe Removed
____________________________
File Thumbprint - SHA:
f303a32ba4a44ae7d25b73f5b6f3f2c3dcf6d9970ebf88de816b399eedce80b1
File Thumbprint - MD5:
Not available
False alarm:
C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhkmpddbiciimgibbkmimhfognpknmeo
It is absolutely legal extension of the store
https://chrome.google.com/webstore/detail/save-as-mhtml/fhkmpddbiciimgibbkmimhfognpknmeo
C:\Users\User\AppData\Local\Mail.Ru
In this folder, I have installed "Cloud Mail.ru", it need not be removed, it is completely legal and no it does not apply to advertising
https://cloud.mail.ru/
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mail.Ru
And in that folder I have is a shortcut to the legal application "Cloud Mail.ru"
https://cloud.mail.ru/
Salut à tous,
Scan avec la version v3.308 sous windows 8.1 - 64 bits, clé de registre détectée
***** [ Registre ] *****
Clé Présente : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08121C32A9C319F4CB0C11FF059552A4
***************************************************************************
Faux positif ?
Merci de votre aide
Salut à tous,
Scan avec la version v3.307 sous windows 8.1, clé de registre détectée
***** [ Registre ] *****
Clé Présente : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08121C32A9C319F4CB0C11FF059552A4
***************************************************************************
Faux positif ?
Merci de votre aide
//////// v3.305 - 13/08/14 //////// FR
- Mise à jour de la base de données
- Correction dans le filtre de détection des tâches planifiées Crossrider
- Détection générique AdPeak mise à jour
- Détection générique DownloadProtect mise à jour
- Détection générique Skintrim mise à jour
- Détection générique Tuto4PC mise à jour
- Détection générique Multiplug mise à jour
- Suppression d'un message de déboguage oublié
- Mise à jour de la détection des extensions Firefox
- Mise à jour de la détection des extensions Chrome
- Fichier de langues mis à jour
- Ajout de la détection générique AddLyrics
//////// v3.305 - 13/08/14 //////// ENG
- Database update
- Fixed Crossrider scheduled task detection
- Generic.AdPeak detection updated
- Generic.DownloadProtect detection updated
- Generic.Skintrim detection updated
- Generic.Tuto4PC detection updated
- Generic.Multiplug detection updated
- Deleted debug message
- Updated Firefox extensions detection
- Updated Chrome extensions detection
- Language file updated
- Added Generic.AddLyrics detection
Please, I need your help. After scanning my system with your product, I detected the following (from the report)
# AdwCleaner v3.303 - Report created 08/08/2014 at 10:38:47
# Updated 06/08/2014 by Xplode
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : Paulo - PAULO-PC
# Running from : C:\Users\Paulo\Desktop\Clean Up\AdwCleaner.exe
# Option : Scan
***** [ Services ] *****
***** [ Files / Folders ] *****
***** [ Scheduled Tasks ] *****
***** [ Shortcuts ] *****
***** [ Registry ] *****
***** [ Browsers ] *****
-\\ Internet Explorer v0.0.0.0
-\\ Google Chrome v34.0.1847.116
[ File : C:\Users\Paulo\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Found [Extension] : eofcbnmajmjmplflapaojjnihcjkigck
*************************
AdwCleaner[R99].txt - [715 octets] - [08/08/2014 10:38:47]
########## EOF - C:\AdwCleaner\AdwCleaner[R99].txt - [775 octets] ##########
After the scan, Under Chrome found an Extension unknown.(see above)
Selected "Clean" - Program ran for a little then a message appeared:
Aut2Exe has stopped working.
A problem caused the program to stop working correctly.
Windows will close the program and notify you if a solution is available.
The faulty chrome Extension was not removed. My system is now unstable and had several dumps (blue screen). Avast, ESET, Malwarebytes and other reported nothing, only AdwCleaner.
Again, my system is now unstable, AdwCleaner is detecting that Chrome Extension but does abort before removing it. Any idea of what the problem is.
Please, contact me at padi5star@gmail.com if you have a solution. I will be away from my computer for 10 days, but I can receive emails.
Thank you.
Here is a log showing what was found on a PC that I had it crash on.
# AdwCleaner v3.303 - Report created 07/08/2014 at 15:00:51
# Updated 06/08/2014 by Xplode
# Operating System : Windows 8.1 (64 bits)
# Username : Robert - MAINPC
# Running from : C:\A.I.R\adwcleaner.exe
# Option : Scan
***** [ Services ] *****
Service Found : CltMngSvc
***** [ Files / Folders ] *****
File Found : C:\Users\Public\Desktop\eBay.lnk
File Found : C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage
File Found : C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage-journal
File Found : C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
File Found : C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal
Folder Found : C:\Program Files (x86)\SearchProtect
Folder Found : C:\ProgramData\374311380
Folder Found : C:\ProgramData\Trymedia
Folder Found : C:\Users\Robert\AppData\Local\SearchProtect
***** [ Scheduled Tasks ] *****
***** [ Shortcuts ] *****
***** [ Registry ] *****
Data Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll
Data Found : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll
Key Found : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Key Found : HKCU\Software\Optimizer Pro
Key Found : HKCU\Software\Trymedia Systems
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Key Found : [x64] HKCU\Software\Optimizer Pro
Key Found : [x64] HKCU\Software\Trymedia Systems
Key Found : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Found : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Found : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Key Found : HKLM\Software\SearchProtect
Key Found : HKLM\Software\Trymedia Systems
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.17126
-\\ Google Chrome v36.0.1985.125
[ File : C:\Users\Guest\AppData\Local\Google\Chrome\User
//////// v3.303 - 06/08/14 //////// FR
- Mise à jour de la base de données
- Faux positifs supprimés
- Détection générique Multiplug mise à jour
- Détection générique DownloadProtect mise à jour
- Détection générique Crossrider mise à jour
- Détection générique Skintrim mise à jour
//////// v3.303 - 06/08/14 //////// ENG
- Database update
- False positive removed
- Generic.Crossrider detection updated
- Generic.Downloadprotect detection updated
- Generic.Multiplug detection updated
- Generic.Skintrim detection updated
//////// v3.302 - 30/07/14 //////// FR
- Mise à jour de la base de données
- Faux positifs supprimés
- Ajout de processus à la liste blanche
- Mise à jour du module de détection des tâches planifiées
- Ajout de la possibilité d'annuler le nettoyage avant la fermeture des processus
- Détection générique AdPeak mise à jour
//////// v3.302 - 30/07/14 //////// ENG
- Database update
- False positive removed
- Added processes to whitelist
- Updated scheduled task detections
- Added possibility to cancel cleaning before closing processes
- Generic.AdPeak detection updated
Merci encore pour tout le service rendu ;)