SpeedyPC

AdwCleaner FP with Auslogics Disk Defrag

Recommended Posts

G'day ^_^

I believe Auslogics Disk Defrag is false positive when using the latest AdwCleaner, could you please check.

Thank you.

# AdwCleaner v6.030 - Logfile created 30/11/2016 at 14:32:53
# Updated on 19/10/2016 by Malwarebytes
# Database : 2016-11-29.1 [Server]
# Operating System : Windows 8.1  (X64)
# Username :
# Running from :
# Mode: Scan
# Support : https://www.malwarebytes.com/support

 

***** [ Services ] *****

No malicious services found.


***** [ Folders ] *****

Folder Found:  C:\ProgramData\Auslogics
Folder Found:  C:\ProgramData\Application Data\Auslogics
Folder Found:  C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auslogics
Folder Found:  C:\Program Files (x86)\Auslogics


***** [ Files ] *****

No malicious files found.


***** [ DLL ] *****

No malicious DLLs found.


***** [ WMI ] *****

No malicious keys found.


***** [ Shortcuts ] *****

No infected shortcut found.


***** [ Scheduled Tasks ] *****

No malicious task found.


***** [ Registry ] *****

Key Found:  HKLM\SOFTWARE\Auslogics


***** [ Web browsers ] *****

No malicious Firefox based browser items found.
No malicious Chromium based browser items found.

Share this post


Link to post
Share on other sites

I don't have Auslogics BoostSpeed and Auslogics Driver Updater installed on my laptop, I only have Auslogics Disk Defrag Free and I've already scan my computer with Malwarebytes Anti-Malware I have no detection at all zero virus, malware, PUP etc etc etc at all.

It's only AdwCleaner v6.030 that is picking up the issue and as I said before and I'm 100% sure is false positive.

Edited by SpeedyPC

Share this post


Link to post
Share on other sites

@fr33tux if the AdwCleaner detection is correct then why my Malwarebytes Anti-Malware Premium database version is 2016.12.1.6 hasn't pick this up which doesn't make any sense to me at all :huh: can you please explain??

Edited by SpeedyPC

Share this post


Link to post
Share on other sites

there still is a issue with reg key. It lists

***** [ Registry ] *****

Key Found:  HKLM\SOFTWARE\Auslogics

 

But there is no key listed here, I can only assume when it found one item it maybe adds other listed for that product.

Feedback: have a option to right click an open reg to that point.

Edited by edkiefer

Share this post


Link to post
Share on other sites

Hello,

@edkiefer

Please do the following:

  • Download FRST
  • Right-click on the file -> "Execute as Administrator"
  • Please also check Shortcut.txt
  • Click on the "Scan" button
  • The logfile is saved as FRST.txt , and additional informations are in Addition.txt.
  • Please host them on Up2Share and share the generated link.

Share this post


Link to post
Share on other sites

Virsutotal gave these 3 for it, I will try from majorgeeks

McAfee-GW-Edition BehavesLike.Win32.Generic.tc 20161202
Qihoo-360 HEUR/QVM10.1.0000.Malware.Gen 20161203
nProtect Backdoor/W32.NanoBot.1761280 20161202

Share this post


Link to post
Share on other sites
16 hours ago, edkiefer said:

Virsutotal gave these 3 for it, I will try from majorgeeks

McAfee-GW-Edition BehavesLike.Win32.Generic.tc 20161202
Qihoo-360 HEUR/QVM10.1.0000.Malware.Gen 20161203
nProtect Backdoor/W32.NanoBot.1761280 20161202

These are FPs. You have to ignore SmartScreen and run FRST.

 

When you get this message again, click on "more info" and then click on "run anyway".

Edited by MKDB

Share this post


Link to post
Share on other sites
32 minutes ago, MKDB said:

These are FPs. You have to ignore SmartScreen and run FRST.

 

When you get this message again, click on "more info" and then click on "run anyway".

Ok, thanks for that, but with due respect I didn't post info to ask for help, just to post False listing of that path.

I have done search whole reg with "Auslogics " and only thing that comes up is the setup file I still have.

Share this post


Link to post
Share on other sites

If I find some free time i might setup a VM for testing, install Auslogics 6.2.1.0 and uninstall and see what shows up in Adwcleaner. and run FRST.

Share this post


Link to post
Share on other sites

Ok, sorry for my report, I was wrong, I missed it in 32bit reg path, all is good with HKLM\SOFTWARE\Auslogics

 

I was looking in native regeditor (64bit) not regedit.exe(32) .

Share this post


Link to post
Share on other sites
On 12/1/2016 at 8:24 AM, fr33tux said:

Hello,

I confirm you that AdwCleaner detection is correct, it's not a FP.

Best regards,

Hi all,

reading through this post I wonder why nobody has aked "Why?" yet. So, please enlighten us: Why is Auslogics Disk Defrag malware? What criteria did it not pass that makes it malicious?

It has no viruses as we know. Ok, it's setup routine is tricky and you have to watch where you set your check marks to avoid uwanted products to be installed. But that cannot be the only reason because then hundreds of other freeware would be malicious too.

I could understand if BoostSpeed and DriverUpdate would me marked as PUP because those two are unwantedly installed when you install Disk Defrag.

Now, if there is reason and it can't be changed I would love to see a feature in Malwarebytes where I can select certain files in the result screen and click a button "Exclude from scan". That is not possible. In case of DIsk Defrag there are several files, the excutable, the deskotp link, the start menu llink etc. etc. Right now I would have to write them down, go the extra Exclude window and add them one by one. Can such a feature be added to the scan results screen?

Best regards,

Glewe
 

Share this post


Link to post
Share on other sites

Ok, the ruleset makes sense.

What about my suggestion to easier exclude objects from the scan result screen?

Best regards,

Glewe

Share this post


Link to post
Share on other sites

I just ran a scan with new version and it can up with the same
 conclusion 'Auslogics Disk Defrag' ...so what say you...should I remove it or not?

thank you

Edited by hayc59

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.