Jump to content

MBAM scan says that yupdate-exec-yabrowser.exe is a trojan--seems to be a Yandex browser exe so not sure if trojan


Recommended Posts

I ran an MBAM scan today before I did my backup, which I always do. It flagged a file in the temp directory (Windows 7 x64) as being a trojan. The files name is "yupdate-exec-yabrowser.exe".

I let MBAM delete it and reboot my PC.

The exe seems to be part of Yandex Web Browser which I installed several weeks ago. I'm not sure if it was supposed to be flagged as a trojan or not? Maybe someone here on the forums can enlighten me?

I'm running a full-scan now (after Chameleon was ran and removed trojan) just to be extra safe. Then I plan on removing the Yandex browser as a precaution.

Any help would be appreciated as I would really like to use the Yandex browser. I've attached the log file showing the files name and that it was successfully deleted by MBAM.mbam-log-2012-11-03 (15-46-56).txt

Link to post
Share on other sites

UPDATE: after running the full scan it then found this C:\Users\michael\AppData\Local\Yandex\Updater\yupdate-exec.exe (Trojan.Backdoor) -> Quarantined and deleted successfully.

After rebooting I removed the Yandex browser to be safe. Then rebooted. Then ran MBAM Chameleon once more and it came up clean, so I proceeded to do my backup.

Would really like to use Yandex browser as long as it is not a trojan but a legitimate process.

Here's the log:

Malwarebytes Anti-Malware 1.65.1.1000

www.malwarebytes.org

Database version: v2012.11.03.08

Windows 7 Service Pack 1 x64 NTFS

Internet Explorer 9.0.8112.16421

michael :: MICHAEL-PC [administrator]

11/3/2012 4:25:57 PM

mbam-log-2012-11-03 (16-25-57).txt

Scan type: Full scan (C:\|D:\|)

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 358614

Time elapsed: 38 minute(s), 26 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 1

C:\Users\michael\AppData\Local\Yandex\Updater\yupdate-exec.exe (Trojan.Backdoor) -> Quarantined and deleted successfully.

(end)

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.