• Flooder.ake trojan horse

    #437923

    Just spent a whole evening trying to find a fix for getting rid of a trojan horse, identified by AVG as Flooder.ake.
    A late search (std European time) on Google gave one good hit, which I want to share with you. Flooder.ake seems to be a new trojan horse which comes with AVG, according to the link, but (the good thing is that it works! smile) thanks to the folks here: http://www.adwarereport.com/

    Regards
    Hougs

    PS Edited by my own self to make the link work

    • #1042751

      Well well well… I was wondering! AVG did claim to have found Flooder.ake on my system, but only in my C:\I386 directory and in one of the system restore directories. I was wondering whether that was a false positive of some sort, since I practice “safe hex” and haven’t had any reports of viruses, worms, etc. for years. I just checked manually – my winlogon.exe in system32 is still intact (I’m sure Windows would have got violently ill if that copy went away, but I thought I’d look manually). See the comments in the AVG forum.

      (After posting the above I looked again and saw “Please note that this issue may happen on a very old Windows XP systems without any Service Packs. This issue doesn’t appear on Windows XP Service Pack 1 or Service Pack 2.” I’m guessing that’s why it saw it in C:\I386 and not C:\Windows\System32 – I think the C:\I386 folder is a holdover from when I first got my Dell way back when).

    • #1042865

      ’Tis the season for false positives? I updated AVG on Sat night and the following scan reported a “generic2.lni” trojan in “migrate.dll” in an “Eastman” subfolder of C:\I386. Migrate.dll being some code for upgrading Eastman software in a Win9x to XP upgrade.

      Spent a lot of Sun morning trying to track it down and eventually found a thread on Usenet where the migrate report had been identified as a false positive and reported to Grisoft. By then, Grisoft had a new update and after loading it there was nothing to be found.
