Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Remove Download


  • Please log in to reply
19 replies to this topic

#1 Richard Fu

Richard Fu

  • Members
  • 135 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:20 AM

Posted 02 July 2008 - 09:47 AM

SiteAdvisor says that the program in the description installs Win fixer.

BC AdBot (Login to Remove)

 


#2 Grinler

Grinler

    Lawrence Abrams


  • Admin
  • 43,665 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:11:20 AM

Posted 02 July 2008 - 09:52 AM

I am confused as to what you are asking us.

#3 Richard Fu

Richard Fu
  • Topic Starter

  • Members
  • 135 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:20 AM

Posted 02 July 2008 - 10:01 AM

Posted Image

#4 nigglesnush85

nigglesnush85

  • Members
  • 4,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:04:20 PM

Posted 02 July 2008 - 12:22 PM

http://www.siteadvisor.com/sites/bleepingc...er.com/summary/ maybe a problem with siteadvisor.
Regards,

Alan.

#5 Grinler

Grinler

    Lawrence Abrams


  • Admin
  • 43,665 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:11:20 AM

Posted 02 July 2008 - 12:35 PM

Looking into it.

#6 Grinler

Grinler

    Lawrence Abrams


  • Admin
  • 43,665 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:11:20 AM

Posted 02 July 2008 - 12:37 PM

This is definitely a false positive.

#7 Grinler

Grinler

    Lawrence Abrams


  • Admin
  • 43,665 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:11:20 AM

Posted 02 July 2008 - 12:47 PM

Looks like McAfee has a false positive on their hands. Even worse is that page is not even live anymore.

http://www.virustotal.com/analisis/4ec4c4e...674ad3bf6f1f953

Antivirus Version Last Update Result 
AhnLab-V3 2008.7.2.0 2008.07.02 - 
AntiVir 7.8.0.64 2008.07.02 - 
Authentium 5.1.0.4 2008.07.02 - 
Avast 4.8.1195.0 2008.07.01 - 
AVG 7.5.0.516 2008.07.02 - 
BitDefender 7.2 2008.07.02 - 
CAT-QuickHeal 9.50 2008.07.02 - 
ClamAV 0.93.1 2008.07.02 - 
DrWeb 4.44.0.09170 2008.07.02 - 
eSafe 7.0.17.0 2008.07.02 - 
eTrust-Vet 31.6.5920 2008.07.02 - 
Ewido 4.0 2008.07.02 - 
F-Prot 4.4.4.56 2008.07.02 - 
F-Secure 7.60.13501.0 2008.07.01 - 
Fortinet 3.14.0.0 2008.07.02 - 
GData 2.0.7306.1023 2008.07.02 - 
Ikarus T3.1.1.26.0 2008.07.02 - 
Kaspersky 7.0.0.125 2008.07.02 - 
McAfee 5330 2008.07.02 potentially unwanted program Winfixer 
Microsoft None 2008.07.02 - 
NOD32v2 3236 2008.07.02 - 
Norman 5.80.02 2008.07.02 - 
Panda 9.0.0.4 2008.07.02 - 
Prevx1 V2 2008.07.02 - 
Rising 20.51.22.00 2008.07.02 - 
Sophos 4.30.0 2008.07.02 - 
Sunbelt 3.1.1509.1 2008.07.02 - 
Symantec 10 2008.07.02 - 
TheHacker 6.2.96.366 2008.07.02 - 
TrendMicro 8.700.0.1004 2008.07.02 - 
VBA32 3.12.6.8 2008.07.02 - 
VirusBuster 4.5.11.0 2008.07.02 - 
Webwasher-Gateway 6.6.2 2008.07.02 -

If you have an account on SiteAdvisor, do you mind posting a link to the virustotal analysis and how this is a false positive. I will go after Siteadvisor to fix this.

Thanks

#8 nigglesnush85

nigglesnush85

  • Members
  • 4,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:04:20 PM

Posted 02 July 2008 - 01:17 PM

I do have an account with them but have never posted there, there are already good reviews with one negative from what I can gather.

If you think it will help I'll post a reply, what do you want to be said?
Regards,

Alan.

#9 Grinler

Grinler

    Lawrence Abrams


  • Admin
  • 43,665 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:11:20 AM

Posted 02 July 2008 - 01:30 PM

Dont worry about it...dealing directly with siteadvisor on it.

#10 nigglesnush85

nigglesnush85

  • Members
  • 4,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:04:20 PM

Posted 02 July 2008 - 01:31 PM

Dont worry about it...dealing directly with siteadvisor on it.


Ok then no problem.
Regards,

Alan.

#11 melboy

melboy

  • Security Colleague
  • 27 posts
  • OFFLINE
  •  
  • Local time:04:20 PM

Posted 02 July 2008 - 04:41 PM

this might shed more light

http://www.siteadvisor.com/sites/regnow.com

and this

http://www.malwarebytes.org/forums/index.p...art=#entry14812

#12 Jubo

Jubo

  • Members
  • 28 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:20 AM

Posted 03 July 2008 - 07:33 AM

Thanks for reporting this. We'll try to do something about it at the McAfee forum too...

#13 KoanYorel

KoanYorel

    Bleepin' Conundrum


  • Members
  • 19,461 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:65 miles due East of the "Logic Free Zone", in Md, USA
  • Local time:12:20 PM

Posted 03 July 2008 - 11:00 AM

Just to add to the fun, PeoplePc.com is RED listed today. Too funny.
The only easy day was yesterday.

...some do, some don't; some will, some won't (WR)

#14 Grinler

Grinler

    Lawrence Abrams


  • Admin
  • 43,665 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:11:20 AM

Posted 03 July 2008 - 12:53 PM

I received this from mcafee yesterday:

Avert™ Sample Analysis
Issue Number:4705652
Virus Research Analyst: XXXXXXXXXXXXXX
Filename: Download_5.1.0.272f-5.1.0.272-sdregnow.exe
Identified: No Virus/Trojan

Avert™ Labs, Beaverton, OR

Thank you for submitting your suspicious file.

Synopsis -

Our Senior Virus Research Engineers have examined the file in question
and no virus was found.

Solution -

Attached is an extra.dat with correct detection. This correction will
be included in the next DAT update.



#15 david28

david28

    Forum Member


  • Banned
  • 1,614 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:50 AM

Posted 04 July 2008 - 06:34 PM

Grinler, whats the update on this situation?




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users