3 replies to this topic

[Newb]

Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Fraps (Trojan.Backdoor.MRX) -> Quarantined and deleted successfully.
(Fraps - Safe)


Files Detected: 6
C:\Fraps\uninstall.exe (Trojan.Backdoor.MRX) -> Quarantined and deleted successfully.
(Fraps - Safe)

C:\Program Files\CCleaner\uninst.exe (Trojan.Backdoor.MRX) -> Quarantined and deleted successfully.
(CCleaner - Safe)

C:\Users\MBB\AppData\Local\Temp\is1598539481\zgInstaller.exe (Trojan.Backdoor.MRX) -> Quarantined and deleted successfully.
(What is this? Google doesn't show much. Does any legitimate program need this? This seems to be a redirecter?)

C:\Users\MBB\Downloads\ccsetup321.exe (Trojan.Backdoor.MRX) -> Quarantined and deleted successfully.
(CCleaner - Safe)

C:\Users\MBB\Downloads\npp.6.1.Installer.exe (Trojan.Backdoor.MRX) -> Quarantined and deleted successfully.
(Notepad++ - Safe)

C:\Users\MBB\Downloads\setup.exe (Trojan.Backdoor.MRX) -> Quarantined and deleted successfully.
(Fraps - Safe)

[MysteryFCM]

We are aware of this and will have it resolved asap. My apologies for any inconvenience

[Newb]

C:\Users\MBB\AppData\Local\Temp\is1598539481\zgInstaller.exe (Trojan.Backdoor.MRX) -> Quarantined and deleted successfully.
(What is this? Google doesn't show much. Does any legitimate program need this? This seems to be a redirecter?)

[shadowwar]

hard to say without the file but looks to be a legit part of an installer package.

Be sure to update the database so this is no longer detected.