We'd like to remind Forumites to please avoid political debate on the Forum. This is to keep it a safe and useful space for MoneySaving discussions. Threads that are - or become - political in nature may be removed in line with the Forum’s rules. Thank you for your understanding.

Trojan Hunt

I think I may have a Trojan. I installed the trial version of Trojan Hunter and ran a scan, results as follows, is it worth paying for the full version to get them removed:

Found trojan file: C:\Program Files\Lenovo\ReadyComm\LinkAVE.dll (Generic.Vundo.C)
Found trojan file: C:\Program Files (x86)\FoxTabFlvPlayer\Uninstall\Uninstall.exe (TrojanClicker.Agent.174)
Found trojan file: C:\Users\MY NAME\AppData\Local\Temp\ICReinstall\FLVPlayerSetup[1].exe (TrojanClicker.Agent.174)

Thanks for your help.

Comments

  • waddler_8
    waddler_8 Posts: 3,588 Forumite
    is it worth paying for the full version to get them removed

    Definately not!

    They all look like false positives.
  • waddler_8
    waddler_8 Posts: 3,588 Forumite
    Just one thing - Where did you download FLVPlayer from?

    Some downloads have offered toolbars and the like when installing (Babylon toolbar, Sweetim, Uniblue products etc). For that reason, whilst not being overly malicious, certain installers may get detected for installing/offering to install PUPs (Potentially Unwanted Programs).

    http://www.threatexpert.com/report.aspx?md5=1add7b9d18cc81d9118803f7f43c8b2f

    It's still not worth buying Trojan Hunter though.
  • Browntoa
    Browntoa Posts: 49,528 Forumite
    Part of the Furniture 10,000 Posts Name Dropper Photogenic
    download

    http://www.filehippo.com/download_malwarebytes_anti_malware/

    install , update, then FULL scan

    post the log file when done
    Ex forum ambassador

    Long term forum member
  • waddler_8
    waddler_8 Posts: 3,588 Forumite
    A quick scan would suffice for the scanning of places any active malware could run from. The only things a full scan will find over the quick scan are benign traces.
  • Lleucu
    Lleucu Posts: 334 Forumite
    I've been Money Tipped!
    Thanks everybody, quick scan:

    Scan type: Quick scan
    Objects scanned: 181673
    Time elapsed: 3 minute(s), 0 second(s)
    Memory Processes Infected: 0
    Memory Modules Infected: 0
    Registry Keys Infected: 0
    Registry Values Infected: 0
    Registry Data Items Infected: 0
    Folders Infected: 0
    Files Infected: 1
    Memory Processes Infected:
    (No malicious items detected)
    Memory Modules Infected:
    (No malicious items detected)
    Registry Keys Infected:
    (No malicious items detected)
    Registry Values Infected:
    (No malicious items detected)
    Registry Data Items Infected:
    (No malicious items detected)
    Folders Infected:
    (No malicious items detected)
    Files Infected:
    c:\Users\adarynefoedd\AppData\Local\Temp\icreinstall\flvplayersetup[1].exe (Adware.Agent) -> Quarantined and deleted succes
  • waddler_8
    waddler_8 Posts: 3,588 Forumite
    For future reference, the current CNET installer linked to from the developers site doesn't trigger any detections.

    http://martijndevisser.com/blog/flv-player/

    You may be offered "extras" during the download & installation (eg. ask toolbar) but you can opt out of these - make sure you do if you don't want them.

    It's a good idea to delete temporary files from time to time.

    http://support.microsoft.com/kb/260897
  • Lleucu
    Lleucu Posts: 334 Forumite
    I've been Money Tipped!
    full scan:

    Malwarebytes' Anti-Malware 1.51.1.1800
    www.malwarebytes.org
    Database version: 7604
    Windows 6.1.7601 Service Pack 1
    Internet Explorer 8.0.7601.17514
    29/08/2011 09:07:39
    mbam-log-2011-08-29 (09-07-39).txt
    Scan type: Quick scan
    Objects scanned: 181673
    Time elapsed: 3 minute(s), 0 second(s)
    Memory Processes Infected: 0
    Memory Modules Infected: 0
    Registry Keys Infected: 0
    Registry Values Infected: 0
    Registry Data Items Infected: 0
    Folders Infected: 0
    Files Infected: 1
    Memory Processes Infected:
    (No malicious items detected)
    Memory Modules Infected:
    (No malicious items detected)
    Registry Keys Infected:
    (No malicious items detected)
    Registry Values Infected:
    (No malicious items detected)
    Registry Data Items Infected:
    (No malicious items detected)
    Folders Infected:
    (No malicious items detected)
    Files Infected:
    c:\Users\MY NAME \AppData\Local\Temp\icreinstall\flvplayersetup[1].exe (Adware.Agent) -> Quarantined and deleted successfully.
  • waddler_8
    waddler_8 Posts: 3,588 Forumite
    That looks like the same log you posted first time round, but in the whole I wouldn't be too worried as it's at the very bottom end of anything that might be considered malicious.

    Just apply the usual caveats, only download form reputable sources, read EULA's, pay attention to what you are installing and opt out of any unwanted extras that may be offered during the install process, rather than just robotically clicking I agree, next, next, next..... ;)
This discussion has been closed.
Meet your Ambassadors

Categories

  • All Categories
  • 347.7K Banking & Borrowing
  • 251.8K Reduce Debt & Boost Income
  • 452.1K Spending & Discounts
  • 240K Work, Benefits & Business
  • 616.1K Mortgages, Homes & Bills
  • 175.3K Life & Family
  • 253.3K Travel & Transport
  • 1.5M Hobbies & Leisure
  • 16K Discuss & Feedback
  • 15.1K Coronavirus Support Boards

Is this how you want to be seen?

We see you are using a default avatar. It takes only a few seconds to pick a picture.