Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

PUP/Hosts Anti-Malware (ADWCleaner extension) =Malware


  • Please log in to reply
10 replies to this topic

#1 ThunderFlash

ThunderFlash

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:41 AM

Posted 11 September 2013 - 11:22 PM

I dowloaded AdwCleaner on BleepingComputer.com, the software it self looked to work fine & looked very legit.

In the software  Tools menu it is possible to add PUP/Hosts Anti-Malware. Since the main software looked OK i did it.

I made a scan with Hitman Pro & it was declared has "MALWARE". It had 3 bad files, 1 malwarrre ( the main process,

1 trojan & a suspuscious file, i condamned all.

 

Can someone tell me WTH is going on with ADWCleaner & maybe it would be a good idea to put a CLEAR notice on the download page.



BC AdBot (Login to Remove)

 


#2 noknojon

noknojon

    Aussie Addict


  • Members
  • 8,843 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Victoria Australia
  • Local time:12:41 AM

Posted 11 September 2013 - 11:46 PM

Hello -

The program is OK.

Did you First fully read the directions and follow the instructions ?

 

Many Antimalware programs are detected by other Antimalware programs, and this is usually a False Positive reading.

It shows up as your program may need to be disabled while you use another program.

 

Thank You -


Thank You -

 

 - Windows 7 SP1 Home Premium Toshiba Laptop - Avant and user of Internet Explorer Browsers  - And I Use GOOGLE-

~ Remember to Press F5 as you may already have an answer waiting for you ..... If not .....The answer is always 42, or Reboot ~


#3 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 30,748 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:10:41 AM

Posted 12 September 2013 - 08:01 AM

False detections by anti-virus programs for this and similar tools are not uncommon.

Certain embedded files that are part of legitimate programs or specialized fix tools, may at times be detected by some anti-virus and anti-malware scanners as suspicious, a Risk Tool, Hacking Tool, Potentially Unwanted Program, a possible threat or even Malware (virus/trojan) when that is not the case. This occurs for a variety of reasons to include the tool's compiler, the files it uses, whether files are compressed or packed, what behavior it performs, any registry strings it may contain and the type of security engine that was used during the scan. Other legitimate files which may be obfuscated, encrypted or password protected in order to conceal itself so they do not allow access for scanning but often trigger alerts by anti-virus software.

When flagged by an anti-virus or security scanner, it's because the program includes features, behavior or files that appear suspicious or which can potentially be used for malicious purposes. Compressed and packed files in particular are often flagged as suspicious by security software because they have difficulty reading what is inside them. These detections do not necessarily mean the file is malicious or a bad program. It means it has the potential for being misused by others or that it was simply detected as suspicious or a threat due to the security program's heuristic analysis engine which provides the ability to detect possible new variants of malware. Anti-virus scanners cannot distinguish between "good" and "malicious" use of such programs, therefore they may alert you or even automatically remove them. In these cases the detection is a "false positive" and can be ignored.
Microsoft MVP - Consumer Security 2007-2014 MVP.gif

Member of UNITE, Unified Network of Instructors and Trusted Eliminators

#4 ThunderFlash

ThunderFlash
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:41 AM

Posted 17 September 2013 - 01:21 AM

yeah sorry guys, indeed i did read the extension author's page, but after writing  this topic.  

 

.. Me >> :axe:   lol



#5 noknojon

noknojon

    Aussie Addict


  • Members
  • 8,843 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Victoria Australia
  • Local time:12:41 AM

Posted 17 September 2013 - 06:05 AM

Hi -

No problem with your post, and it also stresses a point we make to many people that we are helping.

We often ask them to Disable their normal Antivirus program while we run other programs.

 

I think quietman7 has pointed out the reasons why very well -

 

Thank You -


Thank You -

 

 - Windows 7 SP1 Home Premium Toshiba Laptop - Avant and user of Internet Explorer Browsers  - And I Use GOOGLE-

~ Remember to Press F5 as you may already have an answer waiting for you ..... If not .....The answer is always 42, or Reboot ~


#6 hodnet104

hodnet104

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:01:41 AM

Posted 25 September 2013 - 02:49 AM

I am running Adwcleaner and I am asked  "Please un-check elements you dont want removed"

  = How do I know what to remove and not remove?

 

hodnet104



#7 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 30,748 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:10:41 AM

Posted 25 September 2013 - 07:22 AM

When first run, AdwCleaner includes options under the tabs to show what was found and to allow disabling detections you want to keep. What it shows and the contents of the log file may be confusing. Unless you see a program name that you recognize and know should not be removed, don't worry about it. If you see an entry you want to keep, return to AdwCleaner before cleaning...all detected items will be listed (and checked) in each tab. Click on each one and uncheck any items you want to keep (except you cannot uncheck Chrome and Firefox preferences lines).
Microsoft MVP - Consumer Security 2007-2014 MVP.gif

Member of UNITE, Unified Network of Instructors and Trusted Eliminators

#8 skyknites

skyknites

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:06:41 AM

Posted 04 December 2013 - 05:34 PM

I just fought through a nasty cnet download, cnet loads viruses, adware, malware... whatever you wanna call it, it is harmful and unwanted. Anyways.....

Conduit and scorpionsaves  was 2 of them. after many hours of trying to remove them I turned to adwcleaner to remove it and amazingly it worked... but if you wonder why, just look at the properties of adwcleaner and you will find that it was created by conduit ltd. the reason they can fix your pc, is because they are the ones that did it.

            They load this malware that redirects searches to their advertising clients, pop up their ads, feed you misdirected ads, and then when you come to them to fix it, they offer you 6 more ads/programs. A marketing Coup for sure. So before you praise how well adwcleaner works, you might want to accept the fact that they started the whole thing.

 

I understand the man who created conduit, company and malware, has since sold the company.  So I don't know if it is all just carried out in his multi million dollar earning format, or what.

 

If it sounds too good, it is.



#9 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 30,748 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:10:41 AM

Posted 04 December 2013 - 05:49 PM

....I turned to adwcleaner to remove it and amazingly it worked... but if you wonder why, just look at the properties of adwcleaner and you will find that it was created by conduit ltd. the reason they can fix your pc, is because they are the ones that did it.

 

No, AdwCleaner is created by Xplode, a BC Security Colleague.


Microsoft MVP - Consumer Security 2007-2014 MVP.gif

Member of UNITE, Unified Network of Instructors and Trusted Eliminators

#10 skyknites

skyknites

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:06:41 AM

Posted 04 December 2013 - 05:58 PM

I had already deleted the version I had, so I downloaded the one from bleeping, it doesn't show a company or developer at all, but strangely has the same French language listed, so maybe I had a imposter version or they just hiding it better now

::shrugs:::



#11 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 30,748 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:10:41 AM

Posted 04 December 2013 - 06:13 PM

Many third-party hosting sites bundle toolbars and other software in their download packages as a way to increase vendor revenue and recoup business costs through the distribution of third party software. This practice is now the most common revenue generator for free downloads.

The safest practice is to use the vendor's official home site or an authorized mirror such as BleepingComputer.

As for the French language, click that link again but this time choose visit the Author's Sitee.


Microsoft MVP - Consumer Security 2007-2014 MVP.gif

Member of UNITE, Unified Network of Instructors and Trusted Eliminators




4 user(s) are reading this topic

0 members, 4 guests, 0 anonymous users