Sign in to follow this  
Dilermando

Are udremove.exe and ud_the_kmplayer_1435.exe trojans, by the way undetected by Ad-Aware ?

Recommended Posts

Hello.

Lavasoft's Ad-Aware and McAfee's Internet Securiry Suite are my standard shields against usual threats. I keep them always up to date, and I regularly scrutinize my PC (which runs Windows XP).

From times to times, I also run other free diagnostic programs availables over the web to scrutinize my PC. One of them has just said my PC is infected by two trojans:

c:\documents ans settings\dilermando\local configurations\temporay internet files\udremove.exe
(also known as ud_hjsplit-2-4.exe)

e:\downloads_1_de_2\kmplayer\ud_the_kmplayer_1435.exe
(a program not installed in my PC, I have just downloaded it)

Both go unoticed by Lavasoft’s, McAfee's and Norton's malware detection programs. Neither do I find any references to udremove.exe in this forum. And Windows XP Explorer doesn’t allow deleting udremove.exe.

Some websites supply removal tools for udremove.exe, and/or comments about it:
[url="http://www.prevx.com/filenames/1520819864705401326-X1/UD_HJSPLIT-2-4.EXE.html"]http://www.prevx.com/filenames/15208198647...IT-2-4.EXE.html[/url]
[url="http://www.spywareremovalblog.com/remove-udremove-exe/"]http://www.spywareremovalblog.com/remove-udremove-exe/[/url]
[url="http://www.virusremovalguru.com/?p=5076"]http://www.virusremovalguru.com/?p=5076[/url]
[url="http://forums.malwarebytes.org/index.php?showtopic=32660"]http://forums.malwarebytes.org/index.php?showtopic=32660[/url]

So, does anybody know something about those supposed infections ?

Are they really trojans, dangerous stuff ? in that case, why Ad-Aware ignores them ? may I trust such removal tools ?

My best regards, and many thanks for all those willing to help me.

Dilermando
  • Like 1

Share this post


Link to post
Share on other sites
I moved your topic since it does not involve a false positive detection by Ad-Aware.

Detections can go either way. Maybe Ad-Aware and McAfee don't yet detect these malicious files, or maybe the online site has detected a false positive, which has been known to happen.

There's a link in my signature where you can upload suspicious files to Lavasoft. If they find it malicious, they'll add it to their definitions.

Share this post


Link to post
Share on other sites
Sign in to follow this