Anchor Free Hotspot Shield
Posted 08 April 2009 - 06:02 AM
Here is the link to the software http://download.cnet...4-10594721.html
Posted 08 April 2009 - 08:55 AM
I just installed Hotspot and was running a scan with Ad-Aware, def file (0148.0005). It didn't detect anything related to Hotspot. Can you please provide us with the logfile from your scan and the file which is detected. It would be really helpful.
Thanks for your report.
Lavasoft Malware Labs
Posted 08 April 2009 - 03:25 PM
MSG  2009/04/07 21:34:19: C:\program files\hotspot shield\uninstall.exe (diagnosis: Malware family: Win32.TrojanPWS.IEpass) => Block
MSG  2009/04/07 21:35:47: C:\program files\hotspot shield\uninstall.exe (diagnosis: Malware family: Win32.TrojanPWS.IEpass) => Block
MSG  2009/04/07 21:36:17: C:\program files\hotspot shield\uninstall.exe (diagnosis: Malware family: Win32.TrojanPWS.IEpass) => Block
MSG  2009/04/07 21:37:47: C:\program files\hotspot shield\uninstall.exe (diagnosis: Malware family: Win32.TrojanPWS.IEpass) => Block
However, the first time I scanned it, it had two files that it detected. One was the uninstall and the other I can't remember. However, after I uninstalled it, it only detected one file. What I quarantined the second time around was located in the Document and Settings directory. Unfortunately, Adware cuts off the entire string of where it was located. However, I believe he adware software submitted the log...so you might have that in your records.
Also, did your version of Hotspot upgrade you to 1.13? I believe that's the version that is causing people problems.
Does this help?
Edited by eddron, 08 April 2009 - 03:34 PM.
Posted 08 April 2009 - 05:18 PM
We will investigate this issue further and try to reproduce it.
Lavasoft Malware Labs
Posted 09 April 2009 - 08:25 AM
I just installed v.1.13. Ad-Aware didn't detect any of the files in that version. Is it possible for you to track down the detected file and post it in this thread ?
Posted 09 April 2009 - 05:17 PM
I wonder if there is a fake version out there. I noticed that there are two "Official" websites for it. And under WhoIs, they are registered to different people...very suspicious.
Here are the two websites:
Which website did you download it from? It might be worth testing both versions.
If you do, please let me know if one of them is a trojan.
Posted 14 April 2009 - 07:28 AM
Which version of the def file do you use ?
Posted 16 April 2009 - 03:51 PM
If you mean software version, I'm using the anniversary edition.
And the software database, 0148.0006.
Does this help Albin?
Posted 17 April 2009 - 02:44 PM
This may explain the different results. Can you please try to update to the latest def file (0148.0012).
Posted 17 April 2009 - 07:57 PM
Edited by eddron, 17 April 2009 - 07:58 PM.
Posted 20 April 2009 - 09:28 AM
I downloaded the latest version of Hotspotshield from www.hotspotshield.com.
Filename: HSS-1.14-install-anchorfree-76-conduit.zip MD5 Checksum : fe8acc32ad11ad4222e64e489aa43b48
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users