rjsiii 18 Report post Posted May 24, 2011 Hello folks, I recently went to try out the Miro (formerly Democracy Player) multiplatform media manager/player under Windows 7. During the install, Immunet 3.0 quarantined the file zugo-silent.exe after detecting it as W32.Searchbar. The authors of Miro are upfront that they'd like people to install their bing searchbar as they're a non-profit and want the revenue. I said "no" to the prompts, but it seems zugo-silent installs anyway. I did see one thread on the AVG boards to the effect that Miro is using zugo-silent in some capacity as a part of their installer/update system. Was this a heuristic detection based on something installing a browser helper object, or is this company (Zugo) known to be producing malware? The file is still in quarantine, please let me know if you need it. Thanks! Quote Share this post Link to post Share on other sites
sweidre 34 Report post Posted May 24, 2011 Was this a heuristic detection based on something installing a browser helper object, or is this company (Zugo) known to be producing malware? The file is still in quarantine, please let me know if you need it. Thanks! Hi strat, I suggest, that you send the file compressed into a zip- or 7z- file as an attachment in an email to support@samples.immunet.com .Immunet Analysis Team will then within 2 hours send the result to you (malware or false postive) during US Mountain Time Mon-Fri 9-5. Automatically Immunet will send the report to the Immunet cloud as well. Cheers, sweidre Quote Share this post Link to post Share on other sites