Should I remove Shadow Crop?
What percent of users and experts removed it?
74% remove it26% keep it
What do people think about it?
(click star to rate)
How common is it?
Reach 0.0001%
Versions
| Version | Distribution |
| 1.0.0.0 |
100.00% |
|
Shadow Crop
What is Shadow Crop?
Identified as a version of the CMI/ConvertAd family of malware ad-injectors, this adware which is typically bundled with third-party applications in unwanted software bundles will hijack the user's browser (Internet Explorer, Chrome and Firefox) and display unwanted ads. When running, the process will monitor and capture internet traffic and insert advertisements over existing ads or by placing new ads in white space. In either case, these ads are low in quality and even dangerous in many cases as they might be infected with malware javascript (malvertising). In addition to displaying these unwanted ads, the software runs as startup in the local application data via a registry run key and sends commands to the controlling server to request new ads based on the context of what the user is doing. This action will also report back to the server what domains the user visits, what URLs they enter as well as in some cases might send back cookies. If the sites visited are not SSL encrypted passwords and usernames might be sent to the server compromising the privacy and security of the user.
Overview
Upon installation and setup, it defines an auto-start registry entry which makes this program run on each Windows boot for all user logins. The main program executable is bnsq759b.exe. Typically most users end up uninstalling this just after a few days.
- Possible malware installed by this program
- Automatically starts with Windows
- Displays unwanted advertisements
- The wisdom of the crowd agrees, you should remove it!
Warning, multiple anti-virus scanners have detected possible malware in Shadow Crop.
| bnsq759b.exe (6dee9a88395d58d58a128c252fc913cb) has been flagged by the following 14 scanners: |
| Anti-Virus software | Version | Detection |
| Lavasoft Ad-Aware |
537 |
Gen:Variant.Graftor.189397 |
| ALYac |
1.0.1.4 |
Gen:Variant.Graftor.189397 |
| Arcabit |
1.0.0.425 |
Trojan.Graftor.D2E3D5 |
| AVG |
2016.0.3015 |
Generic6 |
| Baidu-International |
4.0.3.15816 |
Adware.Win32.ConvertAd.PC |
| Bitdefender |
1.0.20.1140 |
Gen:Variant.Graftor.189397 |
| ByteHero BDV |
8.16.2015.10 |
Trojan.Exception.gen.101 |
| Emsisoft Anti-Malware |
8.15.08.16.06 |
Gen:Variant.Graftor.189397 |
| ESET-NOD32 |
9.11743 |
a variant of Win32/Adware.ConvertAd.QX |
| Fortinet FortiGate |
8/16/2015 |
Riskware/ConvertAd |
| F-Secure |
11.2015-16-08_1 |
Gen:Variant.Graftor.189397 |
| G Data |
15.8.25 |
Gen:Variant.Graftor.189397 |
| MicroWorld-eScan |
16.0.0.684 |
Gen:Variant.Graftor.189397 |
| Symantec |
8/16/2015 rev. 1 |
WS.Reputation |
View all 14 all detections
Program details
Installation folder: C:\users\user\appdata\local\0987b84b-1431713979-fd47-9f8a-c80aa96b587b
Uninstaller: "C:\users\user\appdata\Local\0987B84B-1431713979-FD47-9F8A-C80AA96B587B\uninstall.exe"
Files installed by Shadow Crop
| Program executable: | bnsq759b.exe (Malware detected) |
| Path: | C:\users\user\appdata\local\0987b84b-1431713979-fd47-9f8a-c80aa96b587b\bnsq759b.exe |
| MD5: | 6dee9a88395d58d58a128c252fc913cb |
Additional files:
Behaviors exhibited
Startup File (All Users Run)
- bnsq759B.exe is loaded in the all users (HKLM) registry as a startup file name 'WinCheck' which loads as C:\users\user\appdata\Local\0987B84B-1431713979-FD47-9F8A-C80AA96B587B\bnsq759B.exe.
How do I remove Shadow Crop?
You can uninstall Shadow Crop from your computer by using the Add/Remove Program feature in the Window's Control Panel.
- On the Start menu (for Windows 8, right-click the screen's bottom-left corner), click Control Panel, and then, under Programs, do one of the following:
- Windows Vista/7/8/10: Click Uninstall a Program.
- Windows XP: Click Add or Remove Programs.
- When you find the program Shadow Crop, click it, and then do one of the following:
- Windows Vista/7/8/10: Click Uninstall.
- Windows XP: Click the Remove or Change/Remove tab (to the right of the program).
- Follow the prompts. A progress bar shows you how long it will take to remove Shadow Crop.
- If for some reason uninstallation fails, please install Microsoft's uninstall fixer utility which will help fix problems with programs that can't be uninstalled at support.microsoft.com.
HOW IT STARTS
Automatically starts? Yes
(Found in the run registry)
|
|
USER ACTIONS
 |
Uninstall it 74%
Keep it 26%
|
|
|
MOST USED OS
~99%
Windows 10
|
Geography
80.00% of installs come from the United States
Which countries install it?
| United States |
80.00% |
| Poland |
20.00% |
PC manufacturers
What PC manufacturers (OEMs) have it installed?
| Hewlett-Packard |
50.00% |
|
| Acer |
50.00% |
|