FP/ Legitimate malware

Hello folks,

I just want to get a clarification about this program called OpenFreely, which can be downloaded from www.openfreely.com. I sometimes use this file only on the desktop computer, not on my laptop. My desktop computer is protected by AVG Free Edition 2014 (fully up to date). I don’t have this program on my laptop, which is protected by Avast Free Edition 2014.9.0.2013 (fully updated).

According to Virus Total it mentions this https://www.virustotal.com/en/file/450a239c0959446498c15ac90115af161eb66cbc117708bf90287359acc61ec6/analysis/1391080247/

AVG, Avast, and many others say it’s clean, while 20 antivirus/antispyware/adware products say it’s malware, PUP, adware, trojan horse, and some other names. The desktop computer and my laptop have got SuperAntispyware Free Edition and MalwareBytes’ Antimalware Free Edition. SAS Free Edition says it’s clean while MBAM Free Edition says it’s PUP.

Is this file harmful on my PC, or does it contain a file that is a PUP? Should I be worried about it or not?

Thanks in advance.

I’d say it’s probably just unwanted. I’ll have a look at it when I get home. See if it does anything malicious.

InstallIQ in and of itself does not actually install anything malicious - however, it does provide mechanisms for third parties to bundle additional “offers” with products at install-time, which is a very attractive proposition for malware/spyware authors.

On the OpenFreely website:

Clicking this Download button begins installation of InstallIQ, which manages your Open Freely installation. Additional software may be offered to you via opt-in ads during the installation process.

Hi alan1998 and thank you very much. Much appreciated. Please report back to me if you see anything malicious. I also heard (I may be wrong about this) that some PUP file that comes with some programs has an Adware/PUP called Lucky Leap Adware http://www.fixyourbrowser.com/tag/lucky-leap/

Please also see if that thing comes bundled with OpenFreely. Thanks again.

Hello alan1998. I actually did a full system scan with MBAM Free Edition and it found only 1 PUP and a program called lucky leap, and it’s PUP.Optional.InstallIQ. It cleaned it for me and I restarted my computer, and after that everything seems fine and the lucky leap program is now gone. Actually, I installed OpenFreely on my desktop computer a couple of years ago.

Today I decided to just download Open Freely from the official website. When Firefox finished the download of OpenFreely from the official link that I have provided in this post, AVG Free Edition 2014 immediately detected a virus (severe threat) called W32/Heur. It then showed me a notification telling me to delete the downloaded file immediately and not to install it.

This program has changed so much since I installed it a couple of years ago, and W32/Heur is now being detected by AVG 2014 and is not being shown in VirusTotal. A couple of years ago, AVG didn’t detect this the instant I downloaded this program and installed it.

I don’t know if my current OpenFreely that I installed a couple of years ago is the latest version or not. A couple of years ago, when I installed OpenFreely, the official website of OpenFreely didn’t look like the current official website of OpenFreely. The homepage now looks a whole lot different. If I want to uninstall the current version of OpenFreely that I have, which I installed a couple of years ago, and install the current one, should I completely disable AVG 2014, install OpenFreely, enable AVG 2014 again, and do a full system scan with it and a full system scan with MBAM?

Any advice will be much appreciated. Thanks.

Most users uninstall lucky leap because of the intrusive pop-ups it will deliver.
This is a tool that will remove lucky leap: adwcleaner. http://www.bleepingcomputer.com/download/adwcleaner/dl/125/
Do not allow adware to take over your PC.

polonus

Hello polonus,

Thanks for your answer and yes I know about adwcleaner. At present the situation is that AVG detects the downloaded file as a virus W32/Heur.

My question is: is it okay if I disable AVG Free Edition 2014 completely and reinstall OpenFreely? I ask because I don’t know if my current one that I installed a couple of years ago is the latest version or not. After the install, I can re-enable AVG, do a full system scan, and do a full system scan with MBAM Free Edition.

In the past I installed OpenFreely and MBAM detected a variant of Lucky Leap and PUP.Optional.InstallIQ, which MBAM successfully deleted.

Hi Staticguy,

Alas, as you may have noticed: “Sign of the times”. Developers have to earn a living, so they bundle crap to earn a few pennies extra on the side from every download. So proggies that came crap-free in the past now come laden with additional “goodies” :(. Users have to opt out of these “unwanted goodies”. And when you cannot opt out and the so-called additional crap will sneak under the desktop so to say, we often speak of PUPs, possibly unwanted programs. That is why it is almost vital to have a good adblocker installed in the browser next to your resident av solution so you won’t connect out to these “bundler downloaders”!

pol

Hi Polonus,

Yes, I truly understand what you are saying about developers earning a living etc., and it’s their job. Talking from my own safety perspective, will my PC be safe if I uninstall the OpenFreely that I installed a couple of years ago and install OpenFreely again? I ask because I don’t know if it’s the latest version that I have at present…

So after uninstalling it, I disable AVG completely, reinstall OpenFreely, do a full system scan with AVG and MBAM, and also run AdwCleaner just to be on the safe side.

Hi Staticguy,

That is a reasonable suggestion, well just do not install two resident av solutions as they will start to hunt each other’s detection patterns and you will end up with less security. Non-resident programs can be used next to one resident av solution. So avg + MBAM + SAS or avast + MBAM + SAS. AdwCleaner can just run next to all mentioned.

pol

Okay, thanks polonus. My desktop has only one antivirus installed, AVG Free Edition 2014. All the rest are SAS Free Edition and MBAM Free Edition. I will uninstall the current OpenFreely, disable AVG Free Edition, and re-install OpenFreely. After that I will re-enable AVG and do a full system scan with AVG, MBAM, and SAS. I will also run AdwCleaner just to be on the safe side.

I will do that soon and will report back with the results.

Hello folks,

UPDATE 2: I did a full system scan with AVG Antivirus Free Edition 2014 - no malicious stuff found. I did a full system scan with MBAM Free Edition - no malicious stuff found. I did a scan with AdwCleaner and it didn’t find any malicious stuff, but it did find some stuff. I didn’t delete anything; I just pressed clean, and after the restart it posted up the logs and I uninstalled AdwCleaner.

NB: Prior to installing Open Freely, there was some optional stuff that was free to install. I didn’t install any of the optional stuff. I only installed Open Freely.

Please see my logs, and if you see any stuff that shouldn’t be on my computer please let me know, and I will install AdwCleaner again and delete the stuff that you think I should delete. I will do a full system scan with SuperAntiSpyware Free Edition tomorrow. Thanks.

UPDATE 3: I did a full system scan with SuperAntiSpyware Free Edition. Results are it didn’t find anything suspicious.

Yesterday I saw a big change in how Avast treats OpenFreely. I just downloaded that file and immediately Avast Free Edition detected this file as suspicious and automatically put it in the Virus Vault. Great to see this change. In fact, I believe that this file is okay; it’s just that there are optional programs that can be downloaded, but those are very unnecessary.

Anyways, it looks like my desktop PC is working fine. I just disabled my AVG Free Edition 2014 until Open Freely got installed, and I didn’t install any optional programs that were in there because it’s unnecessary! By the way, I am still waiting for the reply about the log file that I sent. Thanks.