Jump to content


Photo

Is this program safe (After recent update)


  • Please log in to reply
3 replies to this topic

#1 Newb

Newb

    New Member

  • Members
  • Pip
  • 12 posts
  • Gender:Male

Posted 15 February 2013 - 05:14 AM

Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Fraps (Trojan.Backdoor.MRX) -> Quarantined and deleted successfully.
(Fraps - Safe)


Files Detected: 6
C:\Fraps\uninstall.exe (Trojan.Backdoor.MRX) -> Quarantined and deleted successfully.
(Fraps - Safe)

C:\Program Files\CCleaner\uninst.exe (Trojan.Backdoor.MRX) -> Quarantined and deleted successfully.
(CCleaner - Safe)

C:\Users\MBB\AppData\Local\Temp\is1598539481\zgInstaller.exe (Trojan.Backdoor.MRX) -> Quarantined and deleted successfully.
(What is this? Google doesn't show much. Does any legitimate program need this? This seems to be a redirecter?)

C:\Users\MBB\Downloads\ccsetup321.exe (Trojan.Backdoor.MRX) -> Quarantined and deleted successfully.
(CCleaner - Safe)

C:\Users\MBB\Downloads\npp.6.1.Installer.exe (Trojan.Backdoor.MRX) -> Quarantined and deleted successfully.
(Notepad++ - Safe)

C:\Users\MBB\Downloads\setup.exe (Trojan.Backdoor.MRX) -> Quarantined and deleted successfully.
(Fraps - Safe)

#2 MysteryFCM

MysteryFCM

    Forum Deity

  • Moderators
  • PipPipPipPipPipPip
  • 5,389 posts
  • Gender:Male
  • Location:Tyneside, UK

Posted 15 February 2013 - 05:37 AM

We are aware of this and will have it resolved asap. My apologies for any inconvenience

Steven Burn

Malware Intelligence Analyst


staff.png

Follow us: Twitter, Become a fan: Facebook


#3 Newb

Newb

    New Member

  • Members
  • Pip
  • 12 posts
  • Gender:Male

Posted 15 February 2013 - 05:46 AM

C:\Users\MBB\AppData\Local\Temp\is1598539481\zgInstaller.exe (Trojan.Backdoor.MRX) -> Quarantined and deleted successfully.
(What is this? Google doesn't show much. Does any legitimate program need this? This seems to be a redirecter?)

#4 shadowwar

shadowwar

    Forum Deity

  • Moderators
  • PipPipPipPipPipPip
  • 5,227 posts
  • Gender:Male

Posted 15 February 2013 - 08:13 AM

hard to say without the file but looks to be a legit part of an installer package.

Be sure to update the database so this is no longer detected.
Rich Matteo
Research Engineer

staff.png

Follow us: Twitter, Become a fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users