Doctor Olds
I Need A Remedy For What's Ailing Me.
Premium,VIP
join:2001-04-19
1970 442 W30
clubs: | reply to MagMan
Re: CCleaner now installs with adware?
Your screen shot shows 71 Registry Entries and 2 Files.
What were the 2 Files? |
|
amysheehan
Premium,VIP,MVM
join:1999-12-21
Huntington Beach, CA
 ·RoadRunner Cable
| reply to Goodbye CCleaner
3 versions available |
Standard
Portable
or
Slim
Current CC build info: »www.ccleaner.com/download/builds.aspx
-amy-
--
DSLR Phishtracker |
|
sashwa
Pixie Cat Crunchin' n Foldin'
Premium,Mod
join:2001-01-29
Alcatraz
clubs: 
1 edit | I use the standard but opted out of the toolbar and the other stuff they offered but can't remember. |
|
MagMan
Life is simpler when you tell the truth.
Premium
join:2003-10-01
Westlake, OH
 ·AT&T Midwest
·AT&T Midwest
| reply to Doctor Olds
said by Doctor Olds  :Your screen shot shows 71 Registry Entries and 2 Files. What were the 2 Files? This.
--
"The truth is incontrovertible, malice may attack it, ignorance may deride it, but in the end; there it is." |
|
amysheehan
Premium,VIP,MVM
join:1999-12-21
Huntington Beach, CA
·RoadRunner Cable
2 edits | said by MagMan :said by Doctor Olds :Your screen shot shows 71 Registry Entries and 2 Files. What were the 2 Files? This. P.DAT is one of the files referenced in the Symantec write up -
Also the registry entry HKLM/ Software / ''System Process ''
»www.symantec.com/security_respon···&tabid=2
-amy-
--
DSLR Phishtracker |
|
MagMan
Life is simpler when you tell the truth.
Premium
join:2003-10-01
Westlake, OH
·AT&T Midwest
·AT&T Midwest
| said by amysheehan :said by MagMan :said by Doctor Olds :Your screen shot shows 71 Registry Entries and 2 Files. What were the 2 Files? This. P.DAT is one of the files referenced in the Symantec write up - » www.symantec.com/security_respon···&tabid=2-amy- So your point being is what according to what NIS is saying it is toast.Which as far as I am concerned never existed in the first place. 
My machine was not infected with this to me this is an FP.
--
"The truth is incontrovertible, malice may attack it, ignorance may deride it, but in the end; there it is." |
|
amysheehan
Premium,VIP,MVM
join:1999-12-21
Huntington Beach, CA
·RoadRunner Cable
| said by MagMan :So your point being is what according to what NIS is saying it is toast.Which as far as I am concerned never existed in the first place. My machine was not infected with this to me this is an FP. To clarify - I think that the app was flagged because for whatever reason there were registry entries and / or files that matched this definition. I would think it's a FP, but I am NOT the expert.
-amy-
--
DSLR Phishtracker |
|
MagMan
Life is simpler when you tell the truth.
Premium
join:2003-10-01
Westlake, OH
·AT&T Midwest
·AT&T Midwest
| reply to amysheehan
The reason I say this is the other day after NIS updated and you know how it runs a quick scan after updating it showed up.Now previously to that there was no unusual behavior going on with my machine and zap all of sudden there it is.Plus it is odd to the fact that this has been around for awhile and it never got flagged before by any of the apps that I have and use regularly.
--
"The truth is incontrovertible, malice may attack it, ignorance may deride it, but in the end; there it is." |
|
amysheehan
Premium,VIP,MVM
join:1999-12-21
Huntington Beach, CA
·RoadRunner Cable
| 
VirusTotal results |
Panda 9.0.0.4 2007.11.11 Suspicious file
Prevx1 V2 2007.11.11 Heuristic: Suspicious Hijacker
Additional information
File size: 2725528 bytes
MD5: 50d8917e026b3402af3d4933018ea33a
SHA1: a9ed613388243cd3997d0b7b8f4e6f4ee7e08101
packers: WiseSFX Dropper, WiseSFX Dropper, WiseSFX Dropper
Prevx info: »fileinfo.prevx.com/fileinfo.asp?···C43DBD89
sashwa submitted her files to Symantec for review - My older version of CCleaner doesn't get flagged by anyone.
--
DSLR Phishtracker |
|
MarkAW
Barry White or lil bratt
Premium
join:2001-08-27
Canada
·Bell Sympatico
·Cogeco Cable
1 edit | reply to Goodbye CCleaner
Ok you all got me wondering since i have CCleaner v2.02.527, so i ran a few scans and found nothing using A2, Avast, Avg Anti-spyware (which did it's auto weekly scan today), SuperAntiSpyware, AboutBuster, Qoofix,E2Takeout. Neither Mamutu or WinPatrol popped up with any kind of warning and my HJT logs are clear.
So i'd have to say that with your problem it got onto your system some other way and not with CCleaner
a-squared Free - Version 3.0
Last update: 11/11/2007 3:26:42 AM
Scan settings:
Objects: Memory, Traces, Cookies
Scan archives: On
Heuristics: On
ADS Scan: On
Scan start: 11/11/2007 1:16:20 PM
Scanned
Files: 1952
Traces: 340633
Cookies: 4
Processes: 48
Found
Files: 0
Traces: 0
Cookies: 0
Processes: 0
Registry keys: 0
Scan end: 11/11/2007 1:17:50 PM
Scan time: 12:01:30 AM
--
Advertising is legalized lying. - H.G. Wells
Pleasure in the job puts perfection in the work. - Aristotle |
|
MagMan
Life is simpler when you tell the truth.
Premium
join:2003-10-01
Westlake, OH | reply to amysheehan
So are we coming to a conclusion here of CCleaner being the culprit. |
|
sashwa
Pixie Cat Crunchin' n Foldin'
Premium,Mod
join:2001-01-29
Alcatraz
clubs:
·Comcast
·Alameda Power & Te..
Host:
Broadband Modem (H..
MSN
DSL Extreme
Windstream
Southeast Asian Br..
| reply to amysheehan
Amy, I wonder if it could have something to do with the virus update yesterday rather than from the CC upgrade? My upgrade was done around 11/5/07 and no peep from NAV until I did my weekly full scan.
--
TH ~ NE ~ EPN ~ NC ~ TD |
|
PrntRhd
join:2004-11-03
Fairfield, CA
·Comcast
·Comcast Formerly ..
1 edit | reply to MagMan
said by MagMan :So are we coming to a conclusion here of CCleaner being the culprit. Yeah, it was not CCleaner, it is NIS FP.
Also notice it was a anonymous poster who started the thread. |
|
sashwa
Pixie Cat Crunchin' n Foldin'
Premium,Mod
join:2001-01-29
Alcatraz
clubs: | PrntRhd, it's not just NIS as I only use NAV. |
|
MarkAW
Barry White or lil bratt
Premium
join:2001-08-27
Canada
·Bell Sympatico
·Cogeco Cable
1 edit | reply to PrntRhd
said by PrntRhd :said by MagMan :So are we coming to a conclusion here of CCleaner being the culprit. Yeah, it was not CCleaner, it is NIS FP. Also notice it was a anonymous poster who started the thread. Mods sorry for the OT post. What does a anon post have to do with the problem that others say they have seen as well. 
--
Advertising is legalized lying. - H.G. Wells
Pleasure in the job puts perfection in the work. - Aristotle |
|
MagMan
Life is simpler when you tell the truth.
Premium
join:2003-10-01
Westlake, OH
·AT&T Midwest
·AT&T Midwest
| reply to PrntRhd
said by PrntRhd :said by MagMan :So are we coming to a conclusion here of CCleaner being the culprit. Yeah, it was not CCleaner, it is NIS FP. Also notice it was a anonymous poster who started the thread. Ya your right I forgot about that,and that poster has not posted any other information about his situation in this thread.
--
"The truth is incontrovertible, malice may attack it, ignorance may deride it, but in the end; there it is." |
|
sashwa
Pixie Cat Crunchin' n Foldin'
Premium,Mod
join:2001-01-29
Alcatraz
clubs:
·Comcast
·Alameda Power & Te..
Host:
Broadband Modem (H..
MSN
DSL Extreme
Windstream
Southeast Asian Br..
1 edit | But regardless of the OP being anon, there are those of us using NAV and/or NIS that are seeing this. It could be from the CC upgrade or it could just be a conscience it happened around the same time and has nothing to do with the upgrade.
--
TH ~ NE ~ EPN ~ NC ~ TD |
|
MagMan
Life is simpler when you tell the truth.
Premium
join:2003-10-01
Westlake, OH
·AT&T Midwest
·AT&T Midwest
| said by sashwa :But regardless of the OP being anon, there are those of us using NAV and/or NIS that are seeing this. It could be from the CC upgrade or it could just be a conscience it happened around the same time and has nothing to do with the upgrade. Well whatever is going on we need some answers to it either way.
--
"The truth is incontrovertible, malice may attack it, ignorance may deride it, but in the end; there it is." |
|
amysheehan
Premium,VIP,MVM
join:1999-12-21
Huntington Beach, CA
·RoadRunner Cable
1 edit | reply to sashwa
said by sashwa :Amy, I wonder if it could have something to do with the virus update yesterday rather than from the CC upgrade? My upgrade was done around 11/5/07 and no peep from NAV until I did my weekly full scan. I scanned thru all the detections added and modified by Symantec for November and didn't find any changes or additions to Adware.SystemProcess
»www.symantec.com/avcenter/whats_···-11.html
But I may have missed it
--
DSLR Phishtracker |
|
planet
join:2001-11-05
Olmsted Falls, OH | Check this thread, wonder if they are related?
»Norton and SpywareBlaster updates causing FP (likely) |
|
