Today all of a sudden Adwcleaner 3.311 is blocked as Trojan by Windows defender and my 360 Internet Security.
What is this??????
Superbe logiciel. Par contre la version que je possède actuellement 3.310 ne reconnait pas pc cleaner pro se trouvant là : C:\ProgramData\PC Cleaners et fichier pclunst.exe
Also cannot download as Norton blocks and removes it. Here is copy of Norton details:
Filename: adwcleaner[1].exe
Threat name: Trojan.Gen.SMH
Full Path: c:\users\admin\appdata\local\microsoft\windows\temporary internet files\content.ie5\0xz70k18\adwcleaner[1].exe
____________________________
Details
Unknown Community Usage, Unknown Age, Risk High
Origin
Downloaded from
http://download.bleepingcomputer.com/dl/ccc7b1be60ac8b673cbab8cd91aea0c9/5405e713/windows/security/security-utilities/a/adwcleaner/AdwCleaner.exe
Activity
Actions performed: Actions performed: 1
____________________________
On computers as of
9/2/2014 at 8:45:45 AM
Last Used
9/2/2014 at 9:49:52 AM
Startup Item
No
Launched
No
____________________________
Unknown
It is unknown how many users in the Norton Community have used this file.
Unknown
This file release is currently not known.
High
This file risk is high.
Threat type: Virus. Programs that infect other programs, files, or areas of a computer by inserting themselves or attaching themselves to that medium.
___________________________
http://download.bleepingcomputer.com/dl/ccc7b1be60ac8b673cbab8cd91aea0c9/5405e713/windows/security/security-utilities/a/adwcleaner/AdwCleaner.exe
Downloaded File adwcleaner[1].exe Threat name: Trojan.Gen.SMH
from bleepingcomputer.com
Source: External Media
adwcleaner[1].exe
___________________________
File Actions
File: c:\Users\ADMIN\AppData\Local\microsoft\Windows\temporary internet files\Content.IE5\0XZ70K18\ adwcleaner[1].exe Removed
____________________________
File Thumbprint - SHA:
f303a32ba4a44ae7d25b73f5b6f3f2c3dcf6d9970ebf88de816b399eedce80b1
File Thumbprint - MD5:
Not available
False alarm:
C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhkmpddbiciimgibbkmimhfognpknmeo
It is absolutely legal extension of the store
https://chrome.google.com/webstore/detail/save-as-mhtml/fhkmpddbiciimgibbkmimhfognpknmeo
C:\Users\User\AppData\Local\Mail.Ru
In this folder, I have installed "Cloud Mail.ru", it need not be removed, it is completely legal and no it does not apply to advertising
https://cloud.mail.ru/
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mail.Ru
And in that folder I have is a shortcut to the legal application "Cloud Mail.ru"
https://cloud.mail.ru/
Here is a log showing what was found on a PC that I had it crash on.
# AdwCleaner v3.303 - Report created 07/08/2014 at 15:00:51
# Updated 06/08/2014 by Xplode
# Operating System : Windows 8.1 (64 bits)
# Username : Robert - MAINPC
# Running from : C:\A.I.R\adwcleaner.exe
# Option : Scan
***** [ Services ] *****
Service Found : CltMngSvc
***** [ Files / Folders ] *****
File Found : C:\Users\Public\Desktop\eBay.lnk
File Found : C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage
File Found : C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage-journal
File Found : C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
File Found : C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal
Folder Found : C:\Program Files (x86)\SearchProtect
Folder Found : C:\ProgramData\374311380
Folder Found : C:\ProgramData\Trymedia
Folder Found : C:\Users\Robert\AppData\Local\SearchProtect
***** [ Scheduled Tasks ] *****
***** [ Shortcuts ] *****
***** [ Registry ] *****
Data Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll
Data Found : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll
Key Found : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Key Found : HKCU\Software\Optimizer Pro
Key Found : HKCU\Software\Trymedia Systems
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Key Found : [x64] HKCU\Software\Optimizer Pro
Key Found : [x64] HKCU\Software\Trymedia Systems
Key Found : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Found : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Found : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Key Found : HKLM\Software\SearchProtect
Key Found : HKLM\Software\Trymedia Systems
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.17126
-\\ Google Chrome v36.0.1985.125
[ File : C:\Users\Guest\AppData\Local\Google\Chrome\User
Hotspot Shield
https://gambetto.de/image/OF
https://gambetto.de/image/O0
https://gambetto.de/image/O3
***** [ Dienste ] *****
Dienst Gefunden : hshld
Dienst Gefunden : hsstrayservice
Dienst Gefunden : hsswd
***** [ Dateien / Ordner ] *****
Ordner Gefunden : C:\Program Files (x86)\hotspot shield
Ordner Gefunden : C:\ProgramData\hotspot shield
Ordner Gefunden : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\hotspot shield
Ordner Gefunden : C:\Users\Waldijs\AppData\Roaming\hotspot shield
Ordner Gefunden : C:\Windows\SysWOW64\hotspot shield
***** [ Tasks ] *****
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Schlüssel Gefunden : HKCU\Software\anchorfree
Schlüssel Gefunden : [x64] HKCU\Software\anchorfree
Schlüssel Gefunden : HKLM\Software\hotspotshield
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\hotspotshield