On a boot scan I was notified of a virus:
Win32:Agent-RZE [trj]
in file c:\windows\system32\msasno.dll
Some online research related this file to FlashGet. Can anyone provide any further information on this?
Thanks!
On a boot scan I was notified of a virus:
Win32:Agent-RZE [trj]
in file c:\windows\system32\msasno.dll
Some online research related this file to FlashGet. Can anyone provide any further information on this?
Thanks!
There are reports about a program called minKuGoo being installed along with FlashGet, which attempts to connect to the Internet while there are no active downloads. According to Prevx MINIKUGOO.EXE, it might be a cause for concern. Uninstalling FlashGet does not remove the modifications and it takes a considerable amount of time and effort to remove the related entries from the registry.FlashGet version 1.9.x may contain (or download on update) trojan horses (TR/Dldr.Agent.kdt, TR/Agent.AHDK), identified as such both by Kaspersky Anti-Virus and Avira AntiVir PE. Apparently there are different installation files for the same version, some of them clean and others modified, possibly as a result of FlashGet developer’s site being hacked[3]. The file “FGUpdate3.ini” (in the same folder where the application is installed) stores the settings for updating the program and may contain a link to download these mentioned trojans (if a modified installation program was used).
Cause for more concern, if confirmed, is FlashGet’s support of adware. Version 2 of this popular download manager has a redesigned UI with new features. However, starting from the Beta 5 Preview, animated banner ads and some adware (e.g. you are the 1 millionth winner) are included. It is still unclear whether these adware-supporting changes will be implemented in the English version as well.
Thank you!
I will look into that. I need to figure out which version I have and check that file for unusual download links. I don’t have the machine with me right now. Can you tell me anything about this trojan? I’d like to know what it does (i.e. keylogger, etc)
Thanks again!