We’d like to remind Forumites to please avoid political debate on the Forum.
This is to keep it a safe and useful space for MoneySaving discussions. Threads that are – or become – political in nature may be removed in line with the Forum’s rules. Thank you for your understanding.
The MSE Forum Team would like to wish you all a Merry Christmas. However, we know this time of year can be difficult for some. If you're struggling during the festive period, here's a list of organisations that might be able to help
📨 Have you signed up to the Forum's new Email Digest yet? Get a selection of trending threads sent straight to your inbox daily, weekly or monthly!
Has MSE helped you to save or reclaim money this year? Share your 2025 MoneySaving success stories!
Trojan horse?
Harriett
Posts: 302 Forumite
in Techie Stuff
I ran a scan with AVG and it found a "Trojan horse Generic_r.YQ"
Description is given as "C:\Program Files (x86)\Cyber Link\PowerDVD8Serv.exe(3496)
It's listed twice, in file directory and process.
I have run the scan 4 days running, each time it tells me it found this trojan horse and has healed it so my computer is safe again. The "remove" button is greyed out so I can't delete it.
Can anyone give me some advice please?
Description is given as "C:\Program Files (x86)\Cyber Link\PowerDVD8Serv.exe(3496)
It's listed twice, in file directory and process.
I have run the scan 4 days running, each time it tells me it found this trojan horse and has healed it so my computer is safe again. The "remove" button is greyed out so I can't delete it.
Can anyone give me some advice please?
Always consider your actions wisely, think of others, do you really? 
:sad:
:sad:0
Comments
-
It might be a false positive. Upload the file to VirusTotal
After clicking the Scan It button, if prompted, click Reanalyse.
Wait until scanning has finished. Then copy/paste the long string of letters/numbers after SHA256:How do I add a signature?0 -
You need to upload the file AVG reported as a trojan (PowerDVD8Serv.exe)
When copying the SHA256 code, please make sure you get it all.How do I add a signature?0 -
Thanks Figment.
This is the result,
SHA256: a490adcd7bc9863b6e8773cadfde6ca58a0743cd64c39d14af380b18abdec003Always consider your actions wisely, think of others, do you really? :sad:0 -
You need to click reanalyzePDVD8Serv.exe
Analysis date: 2012-09-07 02:11:04 UTC ( 3 days, 17 hours ago )
https://www.virustotal.com/file/a490adcd7bc9863b6e8773cadfde6ca58a0743cd64c39d14af380b18abdec003/analysis/0 -
You need to click reanalyze
https://www.virustotal.com/file/a490adcd7bc9863b6e8773cadfde6ca58a0743cd64c39d14af380b18abdec003/analysis/
I did click reanalyse.Always consider your actions wisely, think of others, do you really? :sad:0 -
Upload it again, it definitely wasn't rescanned.Last seen by VirusTotal
2012-09-07 02:11:04 UTC ( 3 days, 17 hours ago )0 -
Did you wait until it had finished analysing before copying the SHA256?How do I add a signature?0
-
Did you wait until it had finished analysing before copying the SHA256?
Yes I did, I uploaded the file, clicked reanalyze, and it came up with that code twice now, yet it still has the date from 3 days ago.
It has a long list of the antivirus programmes underneath.Always consider your actions wisely, think of others, do you really? :sad:0 -
Download DDS from the link below and save it to your desktop:
Link
After you've downloaded it and saved it to your desktop:- Double click DDS to run it.
- When it's finished, DDS will open two logs:
- DDS.txt
- Attach.txt
Copy & paste the contents of just DDS.txt for now and post it here (you may need to split the log over separate posts)0
This discussion has been closed.
Confirm your email address to Create Threads and Reply
Categories
- All Categories
- 352.9K Banking & Borrowing
- 253.9K Reduce Debt & Boost Income
- 454.7K Spending & Discounts
- 246K Work, Benefits & Business
- 602.1K Mortgages, Homes & Bills
- 177.8K Life & Family
- 259.9K Travel & Transport
- 1.5M Hobbies & Leisure
- 16K Discuss & Feedback
- 37.7K Read-Only Boards