知名伪装恶软 System Care 1.0, 看看你的安软废柴没?

jasonliul

http://globalpcworks.com/

文件不大....


伪装系统优化的间谍软件.

属于伪劣精品, 制作精良,宣传评测都有.
网站设计得也很像实力派的大品牌合作伙伴风格.

而且不时参与软件促销打折,利用用户占小便宜的心理作恶.

欧阳宣

cylance kill

haoge250

eset 还好。

胖福

赛门铁克的数字签名，签名有效，但是......

文件名: gpcwsetupunad1.exe
威胁名称: Heur.AdvML.C完整路径: f:\norton样本\sonar漏检\临时收集\gpcwsetupunad1.exe
____________________________
____________________________

在电脑上 
2016-11-30 ( 15:35:31 )

上次使用时间 
2016-11-30 ( 15:37:32 )

启动项 
否

已启动 
否

威胁类型: 启发式病毒。 根据恶意软件启发式技术检测威胁。
____________________________

gpcwsetupunad1.exe 威胁名称: Heur.AdvML.C
定位

少量用户信任的文件
Norton 社区中有 不到 50 名用户使用了此文件。

发布已久的文件
该文件已在 2 个月 前发行。

高
此文件具有高风险。
____________________________

http://cdn.globalpcworks.com/sc/c2/securerc/gpcwsetupunad1.exe
已下载文件 从 globalpcworks.com
来源: 外部介质

gpcwsetupunad1.exe
____________________________

文件操作

文件: f:\norton样本\sonar漏检\临时收集\ gpcwsetupunad1.exe 已删除
____________________________

文件指纹 - SHA:
c8bba3f416bf5faad37b0ccc46007c5dd61325b84a6c3e94a60709ef668a9e13
文件指纹 - MD5:
不可用


关闭启发双击过SONAR！

猪头无双

avast监控不报，扫描报，文件信誉不良

vm001

都误报了吧，这工具不错。。

jasonliul

vm001 发表于 2016-11-30 15:56
都误报了吧，这工具不错。。

http://www.spyware-techie.com/system-care-removal-guide
Spyhunter旗下的研究机构最早捕获的.

According to our researchers, this PUP may not always show you decent and correct system scan results. It is possible that in an attempt to make you buy the full version, System Care may try to persuade you by showing you fake results so that you believe that there are hundreds of issues to fix. This number could be quite scary to inexperienced users, although it may simply show temporary files and unused registry entries. We do not believe that this application can truly optimize your PC to run faster.

But that is only one side of the coin. Another side is that this PUP might be able to download and install adware applications in the background. These infections could expose you to unsafe web content. Engaging with third-party ads displayed by such programs could take you to dangerous websites operated by criminals. We recommend that you remove System Care from your system if you really care. Leaving it on your computer may result in more security-related issues before long.

轩夏

大蜘蛛
Program.Unwanted.1561

胖福 发表于 2016-11-30 15:39
赛门铁克的数字签名，签名有效，但是......

文件名: gpcwsetupunad1.exe

居然是C杀！

心醉咖啡

毒霸扫描miss