Matrix screensaver has trojan

Discussion in 'malware problems & news' started by ichthus, Sep 17, 2003.

Thread Status:
Not open for further replies.
  1. ichthus

    ichthus Guest

    Beware www.realityrift.com.......
    Matrix screensaver on its website has Download.Trojan in the mce.zip file!

    I got caught out after succumbing to my sons "Youre getting paranoid!" and putting caution to one side instead of listening to my own advice!
    Fortunately NAV picked it up and I was able to get rid before it downloaded any more files!

    Can anything be done about this website and its owner?

    Just want to warn other people! :mad:
     
  2. Technodrome

    Technodrome Security Expert

    Joined:
    Feb 13, 2002
    Posts:
    2,140
    Location:
    New York
    Sounds like a false positive to me. ;)


    tECHNODROME
     
  3. Gavin - DiamondCS

    Gavin - DiamondCS Former DCS Moderator

    Joined:
    Feb 10, 2002
    Posts:
    2,080
    Location:
    Perth, Western Australia
    Confirmed as a false positive, the file doesn't even import any URLMON.DLL functions used by webdowloaders (URLDownloadToFileA , InternetOpenURLA) and is clean :)
     
  4. Mr.Blaze

    Mr.Blaze The Newbie Welcome Wagon

    Joined:
    Feb 3, 2003
    Posts:
    2,842
    Location:
    on the sofa
    :eek: thank god that not even funny im runing matrix screen saver right now lol i jump when i saw this i was like guuuullllllpppppp :eek:
     
  5. ichthus

    ichthus Guest

    Ok so if scrnsaver is clean can anyone tell me how the Download.Trojan appeared on my system immediately after downloading the screensaver as a zip file, unzipping and opening the file, then NAV warning msg promptly pops up straightawayo_Oo_O?
     
  6. Technodrome

    Technodrome Security Expert

    Joined:
    Feb 13, 2002
    Posts:
    2,140
    Location:
    New York
    Because NAV is wrong. ;) Its a FP.
    This file is clean as drinking water (from store ofcourse).

    What is AV False Positive:
    http://antivirus.about.com/library/glossary/bldef-false.htm
    http://antivirus.about.com/library/weekly/aa031001a.htm


    tECHNODROME
     
Loading...
Thread Status:
Not open for further replies.