What is HeurEngine.Packed.Themida.RGa?

I ran SpyDoctor and it identified this file as being suspicious. What, if anything, should I do?

 

What file was it? Copy it's name and put it in here. If your real name is a part of the file name then just remove that part of it. Another method could be to run full scans with these. Download, install, update and run:

MBAM: http://majorgeeks.com/Malwarebytes_Anti-Malware_d5756.html
SAS: http://majorgeeks.com/SUPERAntiSpyware_d5116.html

If they don't find the file suspicious you should not delete or quarantine it.

 

see if this pertains to any programs you have installed.

http://www.forumgarden.com/forums/computers-internet/44749-computer-question.html

 

Cordialis:

Here are the entries under Spyware Doctor which wouldn't let me cut and paste, so had to stubby finger the info below:

Suspicious HeurEngine.Packed.Themedia.RGa (2 infections)

Startup Program
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\SharedDLLs, C:\Program Files\InterVideo\Common\Bin\SQPlus.dll = 1

File
C:\program files\intervideo\commom\bin\sqplus.dll

Notation reads: There are 1 threat(s) and 2 infections(s) in your computer

Thanks,

Blaine

 

It sounds like a false positive. If MBAM & SAS are silent about these files your should ignore them. However uploading them to Jotti for extra precaution is a good idea: http://virusscan.jotti.org/

 

Seems to be from an AVS Video Converter.

 

Hi gang

I ran a scan with PcTools Internet Security earlier today, and the same trojan poped up. It only shows up in "restore", so hard to find any other details.

I do not have AVS installed here, so it must be within some other program as well.

I'm not good at reading the restore files, but I got another trojan called PWS.WOW!ct, that is named A0015604.exe. The Themida is A0015605.exe. Is this just a file name given as restore file ?

Laird99

 

Might I suggest visiting the Malware forum here at MG's
Please do "The READ AND RUN ME FIRST" thread before posting.
These people really now there stuff.

P