We'd like to remind Forumites to please avoid political debate on the Forum. This is to keep it a safe and useful space for MoneySaving discussions. Threads that are - or become - political in nature may be removed in line with the Forum’s rules. Thank you for your understanding.
Trojan Hunt
Lleucu
Posts: 334 Forumite
in Techie Stuff
I think I may have a Trojan. I installed the trial version of Trojan Hunter and ran a scan, results as follows, is it worth paying for the full version to get them removed:
Found trojan file: C:\Program Files\Lenovo\ReadyComm\LinkAVE.dll (Generic.Vundo.C)
Found trojan file: C:\Program Files (x86)\FoxTabFlvPlayer\Uninstall\Uninstall.exe (TrojanClicker.Agent.174)
Found trojan file: C:\Users\MY NAME\AppData\Local\Temp\ICReinstall\FLVPlayerSetup[1].exe (TrojanClicker.Agent.174)
Thanks for your help.
Found trojan file: C:\Program Files\Lenovo\ReadyComm\LinkAVE.dll (Generic.Vundo.C)
Found trojan file: C:\Program Files (x86)\FoxTabFlvPlayer\Uninstall\Uninstall.exe (TrojanClicker.Agent.174)
Found trojan file: C:\Users\MY NAME\AppData\Local\Temp\ICReinstall\FLVPlayerSetup[1].exe (TrojanClicker.Agent.174)
Thanks for your help.
0
Comments
-
is it worth paying for the full version to get them removed
Definately not!
They all look like false positives.0 -
Just one thing - Where did you download FLVPlayer from?
Some downloads have offered toolbars and the like when installing (Babylon toolbar, Sweetim, Uniblue products etc). For that reason, whilst not being overly malicious, certain installers may get detected for installing/offering to install PUPs (Potentially Unwanted Programs).
http://www.threatexpert.com/report.aspx?md5=1add7b9d18cc81d9118803f7f43c8b2f
It's still not worth buying Trojan Hunter though.0 -
download
http://www.filehippo.com/download_malwarebytes_anti_malware/
install , update, then FULL scan
post the log file when doneEx forum ambassador
Long term forum member0 -
A quick scan would suffice for the scanning of places any active malware could run from. The only things a full scan will find over the quick scan are benign traces.0
-
Thanks everybody, quick scan:
Scan type: Quick scan
Objects scanned: 181673
Time elapsed: 3 minute(s), 0 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 1
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
c:\Users\adarynefoedd\AppData\Local\Temp\icreinstall\flvplayersetup[1].exe (Adware.Agent) -> Quarantined and deleted succes0 -
For future reference, the current CNET installer linked to from the developers site doesn't trigger any detections.
http://martijndevisser.com/blog/flv-player/
You may be offered "extras" during the download & installation (eg. ask toolbar) but you can opt out of these - make sure you do if you don't want them.
It's a good idea to delete temporary files from time to time.
http://support.microsoft.com/kb/2608970 -
full scan:
Malwarebytes' Anti-Malware 1.51.1.1800
www.malwarebytes.org
Database version: 7604
Windows 6.1.7601 Service Pack 1
Internet Explorer 8.0.7601.17514
29/08/2011 09:07:39
mbam-log-2011-08-29 (09-07-39).txt
Scan type: Quick scan
Objects scanned: 181673
Time elapsed: 3 minute(s), 0 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 1
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
c:\Users\MY NAME \AppData\Local\Temp\icreinstall\flvplayersetup[1].exe (Adware.Agent) -> Quarantined and deleted successfully.0 -
That looks like the same log you posted first time round, but in the whole I wouldn't be too worried as it's at the very bottom end of anything that might be considered malicious.
Just apply the usual caveats, only download form reputable sources, read EULA's, pay attention to what you are installing and opt out of any unwanted extras that may be offered during the install process, rather than just robotically clicking I agree, next, next, next.....0
This discussion has been closed.
Confirm your email address to Create Threads and Reply
Categories
- All Categories
- 347.7K Banking & Borrowing
- 251.8K Reduce Debt & Boost Income
- 452.1K Spending & Discounts
- 240K Work, Benefits & Business
- 616.1K Mortgages, Homes & Bills
- 175.3K Life & Family
- 253.3K Travel & Transport
- 1.5M Hobbies & Leisure
- 16K Discuss & Feedback
- 15.1K Coronavirus Support Boards