home

adwcleaner.exe

AdwCleaner from Xplode is a free application designed to search for and remove adware such as browser toolbars and other potentially unwanted programs and specifically targets software that is bundled with free programs that you download from the web. This is a setup program which is used to install the application. The file has been seen being downloaded from dc396.4shared.com and multiple other hosts.
Version:
1.501

MD5:
35b6953cf52a04d5cd20b88a1ab1a5f6

SHA-1:
e39cdf7a1e1c56b645291a035be9b5995b9d66c8

SHA-256:
010212b57e3b2bd99f405cebeb47dd9f7df762fc3a23718cb183556b27eacb51

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
5/11/2024 2:35:34 PM UTC  (today)

Scan engine
Detection
Engine version

Vba32 AntiVirus
Trojan.Autoit.Wirus
3.12.16.4

File size:
591.8 KB (605,989 bytes)

Copyright:
Xplode

File type:
Executable application (Win32 EXE)

Language:
French (France)

Common path:
C:\users\{user}\downloads\adwcleaner.exe

File PE Metadata
Compilation timestamp:
1/29/2012 7:32:28 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
12288:Z6Wq4aaE6KwyF5L0Y2D1PqL3Wxby8wTdX8zNLkWxH5hnbdd0dJdyf8MR:vthEVaPqL3W62dkWXJbdMJd74

Entry address:
0xBBE70

Entry point:
60, BE, 00, A0, 47, 00, 8D, BE, 00, 70, F8, FF, 57, EB, 0B, 90, 8A, 06, 46, 88, 07, 47, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 72, ED, B8, 01, 00, 00, 00, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, 01, DB, 73, 0B, 75, 28, 8B, 1E, 83, EE, FC, 11, DB, 72, 1F, 48, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, EB, D4, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C9, EB, 52, 31, C9, 83, E8, 03, 72, 11, C1, E0, 08, 8A, 06, 46, 83, F0, FF, 74, 75, D1, F8, 89, C5, EB, 0B, 01, DB, 75, 07, 8B...
 
[+]

Packer / compiler:
UPX v0.89.6 - v1.02 / v1.05 -v1.24

Code size:
268 KB (274,432 bytes)

The file adwcleaner.exe has been seen being distributed by the following 2 URLs.

http://dc396.4shared.com/download/.../adwcleaner.exe

http://dc673.4shared.com/download/.../adwcleaner.exe

Scan adwcleaner.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.