First MBAM extension in the browser started to moan about a threat - some htxps://obfuscator.10 etc.
Then Microsoft also intervened, do you really want to install? Had to insist…
Isn’t CCleaner the program that got hijacked a few years back?
Dr Web has a tendency to false-positive our new releases for the first 24-72 hours after release. They tend to respond quite promptly though to feedback from us and from their users about corrections though.
I was not aware how actual this was, seen in the light of the Petya attack on CCleaner,
that avast had to nip in the bud on September 23rd last,
while the malcreant/attacker tried to compromise a temp VPN account since May 14th last.
The malcode was Petya. This is a Russian word derived from Pinyin,
the system used to translate Mandarin-Chinese with the use of Latin.
So Voodooshield and MBAM still alerted Piriform’s software.
Petya is malware that originated in the Russia-Ukraine opposition, that is why I got the obfoscator10 alert,
which later was seen to be a FP, checked the installer at VirusTotal, nothing came up.
So Avast has to sure watch their crown jewel software now,
The aftermath of the breach of NSA’s Eternal Blue combined with Mimikatz password stealing researchware
led to the infesting Agent.BTZ malware, the so-called Autorun worm.