- Joined
- Aug 6, 2015
- Messages
- 28
- Reaction score
- 2
I know that, from the title, one may assume that this is nothing to do with Windows 10, but does relate.
When I finally managed to get a good, working, installation of Win 10, I had the dreaded "MPC Cleaner" keep popping up and demanding that I use it to clean up my PC. Now, I'm not one to use programs that appear, uninvited, on my system, so I thought I would get rid of it. Uninstalled it via Control Panel and set about deleting the files in \Program Files (x86), a number of which resisted all attempts to get rid. The programs that I tried that can't touch it include Eraser, File Shredder, MalwareBytes and others. Even Microsoft's "MRT" doesn't recognise it as a threat. (It took 5 hours to tell me that!)
I thought that perhaps I could be a bit crafty and use the Hex editor XVI32 to modify the file and then delete the modified version, but even that failed.
Which brings me to the point of this thread. On scrolling down the Hex file I found reference to "Symantec Corporation" and "Symantec Time Stamping Services CA", both of which come after "http://www.mpc.am", whilst the 'properties' of one of the files reveals "Copyright (c) 2015DotC United Inc" and the digital signature belongs to "DotCash Limited".
This leads me to suppose that either: -
(a) Symantec have done a deal with Microsoft to slip this in with Win10 provided it isn't done under their own name, or
(b) This DotCash outfit have ripped off a Symantec product and are passing it off as their own.
I invite Microsoft, Symantec and DotCash to comment.
Tony N
When I finally managed to get a good, working, installation of Win 10, I had the dreaded "MPC Cleaner" keep popping up and demanding that I use it to clean up my PC. Now, I'm not one to use programs that appear, uninvited, on my system, so I thought I would get rid of it. Uninstalled it via Control Panel and set about deleting the files in \Program Files (x86), a number of which resisted all attempts to get rid. The programs that I tried that can't touch it include Eraser, File Shredder, MalwareBytes and others. Even Microsoft's "MRT" doesn't recognise it as a threat. (It took 5 hours to tell me that!)
I thought that perhaps I could be a bit crafty and use the Hex editor XVI32 to modify the file and then delete the modified version, but even that failed.
Which brings me to the point of this thread. On scrolling down the Hex file I found reference to "Symantec Corporation" and "Symantec Time Stamping Services CA", both of which come after "http://www.mpc.am", whilst the 'properties' of one of the files reveals "Copyright (c) 2015DotC United Inc" and the digital signature belongs to "DotCash Limited".
This leads me to suppose that either: -
(a) Symantec have done a deal with Microsoft to slip this in with Win10 provided it isn't done under their own name, or
(b) This DotCash outfit have ripped off a Symantec product and are passing it off as their own.
I invite Microsoft, Symantec and DotCash to comment.
Tony N