• Announcements

    • LS.Andy

      Support for other products than adaware, ad block, web protection and Web Companion   05/05/2017

      Support for the following products is handled by the Lavasoft support team: Lavasoft Tuneup Kit Lavasoft PC Optimizer Lavasoft Driver Updater Lavasoft Registry Tuner Lavasoft Privacy Toolbox Lavasoft File Shredder Lavasoft Digital Lock

      For help with these products, contact the support team here: http://www.lavasoft.com/support/supportcenter/


Root Admin
  • Content count

  • Joined

  • Last visited

  • Days Won


LS.Andy last won the day on January 12

LS.Andy had the most liked content!

Community Reputation

79 Excellent

About LS.Andy

  • Rank
    Lavasoft Staff/Forum Overlord

Profile Information

  • Location

Recent Profile Visitors

4,277 profile views
  1. JS:Trojan.JS.Agent.SAP

    No need to worry abut your passwords, although, this might be a good opportunity to consider setting different passwords for all your online accounts and setting up 2 Factor Authentiction on any of your accounts that provide it, if you haven't done so already. This site lists services that support 2 Factor Authentication, so if you use any of these services, it's recommended to enable it: https://twofactorauth.org/ I use KeePassX as my password manager and Authy to keep track of 2 Factor Authentication tokens. KeePassx: https://www.keepassx.org/ Authy: https://authy.com/
  2. JS:Trojan.JS.Agent.SAP

    Hi PEllis, Thanks for uploading the file. This appears to include a cryptocurency miner script (multiple references to CryptoNight, typically used when mining Monero) that runs when visiting the web page. These pages usually run the script without the user's consent, which is why it is included in the detection database. As an aside, it looks like, more AVs have started to detect it: https://www.virustotal.com/#/file/576dbb37512721bd5eb744ee1a9049a09648f4099bc082cd87b78c78b402068f/detection
  3. JS:Trojan.JS.Agent.SAP

    Can you upload the file to this thread please?
  4. False Positive - RGL-Email

    Thanks for your report, kres0345. The file is no longer being detected. Regards, Andy Adaware Malware Lab
  5. False positive

    Hi sayatoosoft, Thanks for your report. The file SayaSub2.exe (md5: f7ef21ea45882fff513cdb5c96fe2c13) is no longer being flagged by Adaware. Regards, Andy Adaware Malware Lab
  6. false positive on runmaj.exe

    Hi mcoueron, Sorry for the late reply. We've just migrated to a new version of the forum software and we're having some unexpected issues with settings that didn't migrate properly, like file uploads not being permitted and email alerts on new posts not being sent. In the meantime, can you post a link to the file that's being blocked so I can download and check it out? Thanks, Andy Lavasoft Malware Lab
  7. Hi olegas22, The detection is a false positive and has been fixed. Thanks for your report. Regards, Andy Lavasoft Malware Lab
  8. Curse Application Being Blocked

    Hi rickvoid, Thanks for the additional information. If I've understood correctly, Ad-Aware isn't alerting that it has blocked files, rather, Ad-Aware appears to be conflicting with the Twitch app and stopping it from running: .. and when you kill Ad-Aware, Twitch runs: I was able to recreate this and I've notified the development team about this for investigation. Thanks for letting us know. Regards, Andy Lavasoft Malware Lab
  9. Hi olegas22, Thanks for letting us know. We'll re-investigate and report back here. Regards, Andy Lavasoft Malware Lab
  10. Curse Application Being Blocked

    Hi, In order to recreate the problem, I need to first install the application that Ad-Aware is interfering with. Can you provide an exact link where I can download the application, or upload the installer here please? Thanks, Andy Lavasoft Malware Lab
  11. Curse Application Being Blocked

    Hi synchtw, Thanks for your report. I haven’t been able to recreate the problem. When I visit curse.com it invites me to download the Twitch Desktop app, which, when I install, installs without any problems or alerts from Ad-Aware. Can you describe the steps I need to take to recreate the problem? Thanks, Andy Lavasoft Malware Lab
  12. False positive KA Lite

    Hi Homeschooled, The detection of the file is a false positive and has been removed from detection. Regards, Andy Lavasoft Malware Lab
  13. False positive KA Lite

    Please compress the file with Winzip/Winrar/7zip or similar before uploading.
  14. False positive KA Lite

    Hi Homeschooled, You can remove the file from quarantine by: clicking Scan Computer on the icon list on the left side of the GUI scrolling down to Quarantined Files clicking View selecting the file you want to restore and hit Restore You can add the file to the exclusion list by going into Manage Exclusions, just above Quarantined Files. When you've restored the file, can you upload it here so I can check it out? Thanks, Andy Lavasoft Malware Lab
  15. false positive- Naver Whale

    Using the installer, I was able to recreate the detection on IETabDriver.exe. The md5 for that file was different from the original one that we tested with (md5: 0f0ec27159eda4c9bad814d28bda0e59). This is an FP and will be removed from detection. I wasn't able to recreate the detection on whale.exe. The md5 of the file installed using the installer is d574b68650c68f8941dbc16f86d56a2f, which is also different from the file we originally tested. Can you upload the version of whale.exe that is being detected please? Andy