http://www2.gmer.net/mbr/mbr.exe
is labeled as Win32:Crypt-CZU [trj]
Avast makes me abort the connection.
This tool is MBR by well-known company GMER, meant to fix MBR Rootkit.
http://www2.gmer.net/mbr/mbr.exe
is labeled as Win32:Crypt-CZU [trj]
Avast makes me abort the connection.
This tool is MBR by well-known company GMER, meant to fix MBR Rootkit.
Not only well known but well respected and Alwil use the GMER technology in the anti-rootkit element of avast (I can’t recall if they bought out the rootkit element or the company).
I suspect it is an FP, I take it this is a master boot record tool ?
Well I paused the web shield to get it down and have uploaded it to virustotal.
http://www.virustotal.com/analisis/99dfc1fde55de03552eea863c97c2eea
Although there are multiple hits 9/36 most are suspicious (heuristic), generic or packer method, etc. So I still think it could be an FP and should be submitted to avast.
I have tried using the new submission method in the alert window.