PDA

View Full Version : Trojan.Muldrop5.5748 in AbLite 1.8.0.0.182



Rive
20.04.2014, 02:20
During installation of distributive downloaded from Astroburn Lite. Программа для записи дисков. (http://www.astroburn.com/rus/products/abLite) Dr.Web Antivirus ([url=http://www.drweb.com/]Dr.Web

Rive
21.04.2014, 00:00
For some reason my initial message was broken.

During installation of AbLite (from above mentioned source) Dr.Web antivirus detects two files infected with Trojan.Muldrop5.5748 – one in Temporary Internet Files (it's interesting, 'cause I don't use IE), other in current user Temp dir. Dr.Web blocks these files automatically, but install process goes further without any errors and I get fully working application.

Terramex
22.04.2014, 11:34
Seems like a false positive triggered by the OpenCandy or Somoto Ad-Sponsor component in Astroburn.
Do you still have the files in quarantine ?

Rive
22.04.2014, 12:59
Seems like a false positive triggered by the OpenCandy or Somoto Ad-Sponsor component in Astroburn.
Do you still have the files in quarantine ?

If so, this is not false positive detection. It's Dr.Web policy to treat any adware as malicious software and to remove it as soon as possible. This approach can't be changed.

You can now download the quarantine from quarantine.rar — RGhost — файлообменник (http://rghost.ru/54497603) . Hit gray button "Скачать" (Download) under the name of the file, and the archive is yours. Link will be active for 14 days.

Terramex
22.04.2014, 13:40
Sorry, i've used the term "false positive" as DrWeb's description doesn't seem to match - at least as far as i can see:
Dr.Web Anti-virus - How To Remove Virus (Trojan.MulDrop5.5748) - [DRWEBHK.COM] (http://www.drwebhk.com/en/virus_techinfo/Trojan.MulDrop5.5748.html)