Trojan attack from commercial video editor

[Ike]

Yesterday I fired up MAGIX Movie Edit Pro 17 Plus. It popped up a
notice that it had been over 30 days since I checked if there was an
update. I clicked the button to "Check Now" and immediately MS
Security Essentials went into action. It notified me that it had
removed:

Trojan:JS/IframeRef
http://www.microsoft.com/security/p...?name=Trojan:JS/IframeRef&threatid=2147638646

You guys know a lot more about this stuff than I do. Is this a false
positive? Google does not have any results when doing a search on this
combo.

 

[Ike]

Maybe but we have to see the URL.

The name "Trojan:JS/IframeRef" refers to an JavaScript IFrame referral.

The detection could be for the GET request or the reply.

I do not have the URL it was trying to access. The only additional
info I can provide is what MSSE provided:

Category: Trojan

Description: This program is dangerous and executes commands from an
attacker.

Recommended action: Remove this software immediately.

Security Essentials detected programs that may compromise your privacy
or damage your computer. You can still access the files that these
programs use without removing them (not recommended). To access these
files, select the Allow action and click Apply actions. If this option
is not available, log on as administrator or ask the security
administrator for help.

Items:
file:C:\Documents and Settings\Ike\Local Settings\Temporary Internet
Files\Content.IE5\C6L8DE5F\services_info[1].htm
file:C:\Documents and Settings\Ike\Local Settings\Temporary Internet
Files\Content.IE5\S3RA9VGW\services_info[1].htm

I can only add that I bought this software at a big box store. It is
not a pirated copy.