updater 20900

Hitman pro has just detected updater 20900. Does anyone know what it is? Virustotal detects it 8 times. thanks.

Please post a link to the virustotal results.

I have this updater currently in a zip folder if you require it?

Do you know where it came from? Did you download it from somewhere in particular or did HitMan Pro just detect it on your computer and you would like to know how it got there?

Don’t know how I got it! It’s dated 6/1/2013. I haven’t run hitman for quite a while until today so yes I’d like to know how I got it and what it is? Thanks. Side note I always run my browser sandboxed fully cis 6 and partially ltd cis 5 don’t when I changed to 6.

I’m not sure, but from the VirusTotal results, and the fact that it was first seen over three weeks ago, I’m thinking it’s probably some form of adware. Note that I am not sure, that’s just the feeling I get from the VirusTotal results.

Thus, it’s possible it was installed along with something else you installed at some point, or that it was dropped by an application running as partially limited (which sandboxed applications to drop files, but not execute them).

Perhaps someone else can tell you more, but I’ve put in my 2 cents. ;D

Out of curiosity I ran adwcleaner by explode here’s the log I haven’t cleaned anything as yet.

[attachment deleted by admin]

With the information from adwcleaner we may be looking at a toolbar. See if you have unknown extensions installed in FF, Chrome, Safari or IE.

Crossrider platform is a platform to quickly make extension that will work on the mentioned browsers.

No unknown extensions I mainly use opera but i did install ghostery on ie9 to show someone how it works! I have read it could be due to this.

You can let a scanner remove the alledged malware to quarantine and see if Ghostery or anything useful breaks or not.

Don’t think it has a quarantine? I have still got the zipped copy if I need it but I don’t use ie9 anyway so ghostery was removed a while back.

Can you post the finding of Hitman Pro?

From what I see in adwcleaner there are only three offending registry keys but no files. That means with no files related that there is no infection at this moment.That is why I ask the Hitman Pro result to cross reference.

Here’s a new scan as I never saved a log Doh! I placed updater on another desktop.

[attachment deleted by admin]

Hitman Pro detects a file with no matching registry keys nor does it appear to be running in memory. If it is not a file you need remove it.