Matrix screensaver has trojan

Discussion in 'malware problems & news' started by ichthus, Sep 17, 2003.

Thread Status:
Not open for further replies.
  1. ichthus

    ichthus Guest

    Beware www.realityrift.com.......
    Matrix screensaver on its website has Download.Trojan in the mce.zip file!

    I got caught out after succumbing to my sons "Youre getting paranoid!" and putting caution to one side instead of listening to my own advice!
    Fortunately NAV picked it up and I was able to get rid before it downloaded any more files!

    Can anything be done about this website and its owner?

    Just want to warn other people! :mad:
     
  2. Technodrome

    Technodrome Security Expert

    Joined:
    Feb 13, 2002
    Posts:
    2,140
    Location:
    New York
    Sounds like a false positive to me. ;)


    tECHNODROME
     
  3. Gavin - DiamondCS

    Gavin - DiamondCS Former DCS Moderator

    Joined:
    Feb 10, 2002
    Posts:
    2,080
    Location:
    Perth, Western Australia
    Confirmed as a false positive, the file doesn't even import any URLMON.DLL functions used by webdowloaders (URLDownloadToFileA , InternetOpenURLA) and is clean :)
     
  4. Mr.Blaze

    Mr.Blaze The Newbie Welcome Wagon

    Joined:
    Feb 3, 2003
    Posts:
    2,842
    Location:
    on the sofa
    :eek: thank god that not even funny im runing matrix screen saver right now lol i jump when i saw this i was like guuuullllllpppppp :eek:
     
  5. ichthus

    ichthus Guest

    Ok so if scrnsaver is clean can anyone tell me how the Download.Trojan appeared on my system immediately after downloading the screensaver as a zip file, unzipping and opening the file, then NAV warning msg promptly pops up straightawayo_Oo_O?
     
  6. Technodrome

    Technodrome Security Expert

    Joined:
    Feb 13, 2002
    Posts:
    2,140
    Location:
    New York
    Because NAV is wrong. ;) Its a FP.
    This file is clean as drinking water (from store ofcourse).

    What is AV False Positive:
    http://antivirus.about.com/library/glossary/bldef-false.htm
    http://antivirus.about.com/library/weekly/aa031001a.htm


    tECHNODROME
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.