
AdwCleaner flagged as malicious

Discussion in 'General Security' started by simr, Sep 23, 2014.

Thread Status:
Not open for further replies.
  1. simr

    simr Thread Starter

    Joined:
    May 12, 2013
    Messages:
    994
    Hi, just downloaded AdwCleaner and these 3 think it's malicious.
    What should I do, should I not use the AdwCleaner to scan my computer? (which I like to do periodically with the latest version.)
     
  2. LiquidTension

    LiquidTension Malware Specialist

    Joined:
    May 28, 2014
    Messages:
    553
    Hello,

    Those detections are false-positives, and can be safely ignored.
     
  3. simr

    simr Thread Starter

    Joined:
    May 12, 2013
    Messages:
    994
    Thank you, but how are you so sure? (I hope you don't mind me asking, I'm just very careful with web security.)
     
  4. LiquidTension

    LiquidTension Malware Specialist

    Joined:
    May 28, 2014
    Messages:
    553
    Not at all. By all means ask as many questions as you wish.

    I'm sure for the following reasons.

    1) The three anti-virus engines aren't the most reputable.

    2) All three detections are "generic", and therefore based on a heuristic detection. Heuristics are well known to produce false-positives.

    3) It is not uncommon for anti-virus engines to flag specialised removal tools. This occurs for a variety of reasons, including the tool's compiler, the files it uses, whether files are compressed or packed, what behavior (routines, scripts, etc.) it performs, any registry strings it may contain and the type of security engine that was used during the scan.

    4) The last update to AdwCleaner was September 18th. In this time AdwCleaner has been downloaded and used thousands of times.

    When flagged by an anti-virus or security scanner, it's because the programme includes features, behavior or files that appear suspicious or which can potentially be used for malicious purposes. Compressed and packed files in particular are often flagged as suspicious by security software because they have difficulty reading what is inside them. These detections do not necessarily mean the file is malicious or a bad programme. It means it has the potential for being misused by others or that it was simply detected as suspicious or a threat due to the security programme's heuristic analysis engine which provides the ability to detect possible new variants of malware. Anti-virus scanners cannot distinguish between "good" and "malicious" use of such programmes, therefore they may alert you or even automatically remove them. In these cases the detection is a false-positive and can be ignored.
     
  5. simr

    simr Thread Starter

    Joined:
    May 12, 2013
    Messages:
    994
    Thank you!
     
  6. LiquidTension

    LiquidTension Malware Specialist

    Joined:
    May 28, 2014
    Messages:
    553
    You're welcome.
     
  7. simr

    simr Thread Starter

    Joined:
    May 12, 2013
    Messages:
    994
  8. simr

    simr Thread Starter

    Joined:
    May 12, 2013
    Messages:
    994
    Hi, I just downloaded the latest version of AdwCleaner from BleepingComputer, and my Avast started beeping and shut the download down. See attachments for details.
    What should I do?

    Thank you!
     


  9. LiquidTension

    LiquidTension Malware Specialist

    Joined:
    May 28, 2014
    Messages:
    553
    It's a false-positive, and can be ignored.

    You can temporarily disable avast! if you'd like to redownload the programme.
     
  10. simr

    simr Thread Starter

    Joined:
    May 12, 2013
    Messages:
    994
    What about downloading from the author's site, is that just as safe as BleepingComputer which is a reputable site? (I know that BleepingComputer gets it from the author, but nonetheless.)
     
  11. LiquidTension

    LiquidTension Malware Specialist

    Joined:
    May 28, 2014
    Messages:
    553
    Toolslib.net is a trustworthy site as well.
     
  12. simr

    simr Thread Starter

    Joined:
    May 12, 2013
    Messages:
    994
    I downloaded it from the author's site and scanned my computer with it.
    Avast didn't have any problems with it this time, but being the cautious type I ran the program through VirusTotal and it has 5 sites flagging it.
     
  13. LiquidTension

    LiquidTension Malware Specialist

    Joined:
    May 28, 2014
    Messages:
    553
    It's a false-positive. Please refer to Post #4.

    The only reputable engine flagging the file is McAfee, and both detections are generic (point #2).
     
  14. simr

    simr Thread Starter

    Joined:
    May 12, 2013
    Messages:
    994
    It just seems that as time goes on, more and more sites flag it as bad, but okay, I'm relying on you.

    You mean "Artemis!590AE97695A2"?

    ---------------------------------

    Thank you very much!
     
  15. LiquidTension

    LiquidTension Malware Specialist

    Joined:
    May 28, 2014
    Messages:
    553
    Yes. Artemis is McAfee's heuristic detection for files that may appear or behave like malware. As stated in Post #4, this type of detection is prone to false-positives.

    AdwCleaner is not malware. There's nothing else I can really add.
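
Added example (not part of the original thread, and not code from any poster or vendor): a small triage helper that sorts multi-engine detection labels into heuristic/generic, dual-use tool, and named-family groups, the distinction the replies above rely on. The pattern lists are illustrative assumptions and not exhaustive, the engine names and most labels are constructed placeholders, and a heuristic label on its own does not show a file is clean.

```python
import re

# Label fragments that signal a heuristic/generic verdict rather than a named
# family. Illustrative, not exhaustive; "Artemis" is the one named in the thread.
HEURISTIC = re.compile(r"artemis|heur|generic|\bgen\b|suspicious", re.I)
# Labels that mean "tool that could be misused" rather than "malware".
DUAL_USE = re.compile(r"\b(pua|pup|riskware|hacktool|not-a-virus|unwanted)\b", re.I)


def classify(label):
    """Return 'dual-use', 'heuristic' or 'named' for one detection label."""
    if DUAL_USE.search(label):
        return "dual-use"
    if HEURISTIC.search(label):
        return "heuristic"
    return "named"


def triage(results):
    """Group engines by label type; engines with no detection are skipped."""
    groups = {"heuristic": [], "dual-use": [], "named": []}
    for engine, label in sorted(results.items()):
        if label:
            groups[classify(label)].append(engine)
    # A named-family hit is the signal that deserves a closer look before
    # the result is written off as a false positive.
    groups["needs_review"] = bool(groups["named"])
    return groups


# Constructed scan result: engine names and labels are placeholders, except
# the Artemis label, which is quoted from the thread.
SAMPLE = {
    "EngineA": "Artemis!590AE97695A2",
    "EngineB": "Gen:Variant.Example.1",
    "EngineC": "HEUR/Suspicious.Packed",
    "EngineD": "PUP.Optional.ExampleTool",
    "EngineE": "Trojan.ExampleFamily.B",
    "EngineF": None,  # no detection
}

if __name__ == "__main__":
    for key, value in triage(SAMPLE).items():
        print(f"{key}: {value}")
```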
     