Full Version: Another Win32.Trojan.Agent FP?
jmorlan
I believe this detection of a regkey is a FP for SnagIt.

Name:Win32.Trojan.Agent
Category:Data Miner
Object Type:Regkey
Size:39 Bytes
Location:appid\bho.dll\
Last Activity:10-29-2006
Relevance:Low
TAC index:10
Comment:
Description:Win32.Trojan.Agent may download and install adware program(s) to the victim machine. May change configurations for Windows Explorer and for Windows interface.

Using:

Reference Number : SE1R125 06.10.2006
Internal build : 154

Note: The link to the TAC for Win32.Trojan.Agent is a dead end.

I left the key pending further information. Please advise.
LS CalamityJane
Hi jmorlan,

Thanks for reporting this. Did the log give further information on the key detected (location? value?)

I'll ask the Research Team to take a look here.
jmorlan
QUOTE(LS CalamityJane @ Oct 30 2006, 03:27 PM) *
Hi jmorlan,

Thanks for reporting this. Did the log give further information on the key detected (location? value?)

I'll ask the Research Team to take a look here.


This is from the log:

Started registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Win32.Trojan.Agent Object Recognized!
Type : Regkey
Data :
TAC Rating : 10
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : appid\bho.dll

Registry Scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 1
Objects found so far: 1

The "jump to key" feature doesn't seem to be working for me, but here is the value:

Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\AppID\BHO.DLL]
"AppID"="{59AEAD8A-6822-4794-AF2E-8CC27312E26E}"

I tracked that value to what I believe is the Snagit IE plugin. Please let me know if you need any other information.
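
The tracing step described in the post above, as an added example that is not part of the original thread: it parses a `.reg` export and follows the flagged AppID key to the COM classes that reference its GUID and to their server DLL. Only the `AppID\BHO.DLL` key and its GUID come from the thread; the CLSID entries, names and DLL path are constructed placeholders, and `parse_reg` / `trace_appid` are hypothetical helper names.

```python
import re

# Constructed sample: only the first key and its GUID come from the thread;
# the CLSID entries, names and DLL path are placeholders for illustration.
SAMPLE_REG = r'''Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\AppID\BHO.DLL]
"AppID"="{59AEAD8A-6822-4794-AF2E-8CC27312E26E}"

[HKEY_CLASSES_ROOT\CLSID\{00000000-0000-0000-0000-000000000001}]
@="Example capture add-in (constructed)"
"AppID"="{59aead8a-6822-4794-af2e-8cc27312e26e}"

[HKEY_CLASSES_ROOT\CLSID\{00000000-0000-0000-0000-000000000001}\InprocServer32]
@="C:\\Program Files\\ExampleVendor\\bho.dll"

[HKEY_CLASSES_ROOT\CLSID\{00000000-0000-0000-0000-000000000002}]
@="Unrelated class (constructed)"
'''

VALUE_RE = re.compile(r'^(@|"(?:[^"\\]|\\.)*")="((?:[^"\\]|\\.)*)"$')

def parse_reg(text):
    """Parse string values from a .reg export into {key_lower: {name_lower: data}}."""
    keys, current = {}, None
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("[") and line.endswith("]"):
            current = keys.setdefault(line[1:-1].lower(), {})
        elif current is not None:
            m = VALUE_RE.match(line)
            if m:  # "@" is the key's default value, stored under ""
                name = "" if m.group(1) == "@" else m.group(1)[1:-1]
                current[name.lower()] = re.sub(r"\\(.)", r"\1", m.group(2))
    return keys

def trace_appid(keys, appid_name, root="hkey_classes_root"):
    """Follow the named AppID key to its GUID, owning CLSIDs and server DLL."""
    guid = keys.get(f"{root}\\appid\\{appid_name.lower()}", {}).get("appid")
    if guid is None:
        return None, []
    owners, prefix = [], f"{root}\\clsid\\"
    for key, values in keys.items():
        # Direct CLSID keys only; GUID text is compared case-insensitively.
        if (key.startswith(prefix) and key.count("\\") == 2
                and values.get("appid", "").lower() == guid.lower()):
            server = keys.get(key + "\\inprocserver32", {}).get("")
            owners.append((key[len(prefix):], values.get(""), server))
    return guid, owners
```

The returned server path is the file to check for a vendor signature and install location before deciding whether the detection is a false positive.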
LS CalamityJane
Thanks! I've requested the Research team have a look here.
don
I reported this back on Oct. 26, 2006.

http://www.lavasoftsupport.com/index.php?showtopic=4353

I'm sure that this registry entry came from the SnagIt BHO AppID. To satisfy myself, I uninstalled the SnagIt Add-In via Add/Remove and this in turn, removed the reg entry. A scan by Ad-Aware confirmed it (not there anymore). Re-Installed the Add-In and the key is back.
LS CalamityJane
Ok! Thanks, Don.

Now they have two heads-ups.
unRheal
QUOTE(LS CalamityJane @ Oct 31 2006, 09:16 AM) *
Ok! Thanks, Don.

Now they have two heads-ups.

I guess we can say 3 now. I found this post/thread because I was searching on the same topic, since I had this "Win32.Trojan.Agent" found as well... Which I thought a bit suspect since my enterprise McAfee scanner didn't find it.

Same registry key location. I also have SnagIt v8.1 (latest)

BTW...
QUOTE(LS CalamityJane @ Oct 31 2006, 09:16 AM) *
Please do NOT send Private Messages to Staff or helpers to request assistance! We do not give a personal support via PM nor by email, AIM, ICQ, IRC! The way to request help is to post a NEW TOPIC in the appropriate forum.

If I wanted to report a problem with the registration process, would I still post it, or is there someone I can PM or email...?

Thanks... & Of course thanks for AdAware!

Cheers
don
This has been corrected with today's update:

Reference Number : SE1R130 01.11.2006
Internal build : 162
File location : C:\Program Files\Ad-Aware SE Professional\defs.ref
File size : 827740 Bytes
Total size : 2672674 Bytes
Signature data size : 2623206 Bytes
Reference data size : 48956 Bytes
Signatures total : 71527
CSI Fingerprints total : 4337
CSI data size : 186643 Bytes
Target categories : 15
Target families : 1005
spike-nz
Hi don,
QUOTE
If I wanted to report a problem with the registration process, would I still post it, or is there someone I can PM or email...?
You could try an email to generalsupport@lavasoft.com - they are dealing with a license issue, that I raised from inside the Support Center - would be helpful to them for the Subject line to be as explanatory as possible.

Should you have purchased on-line, then it may pay to visit the Customer Care Center of their online eseller, element5. There are several methods for logging-in and once inside, you will be able to retrieve such information as Order # and Reference #, together with all your other on-line purchase information.


Hope that that is of help to you,

Regards,

Spike
LS CalamityJane
Hmmm, I don't see a question from don about registration (maybe he edited that out?)

Anyway, this FP appears to be resolved now so I'm moving this thread to the "Resolved" section (read only)

If you should have further issues, please feel free to post a new topic.

Edit: Ok, I found it was a question further up from unRheal regards registration. So if spike-nz's answer doesn't resolve the problem, please feel free to start a new topic since this one is about the FP that has since been resolved