Jump to content

Welcome to MSFN Forum
Register now to gain access to all of our features. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more. This message will be removed once you have signed in.
Login to Account Create an Account


MSFN has viruses?

  • Please log in to reply
8 replies to this topic

Glen Saunders

Glen Saunders


  • Member
  • 13 posts
  • Joined 12-January 10
MSFN has tracking cookies, they where placed here by the owners of the site.

General Info
Web Site Location United States of America

Norton Safe Web has analyzed msfn.org for safety and security problems. Below is a sample of the threats that were found.


Threat Report

Total threats found: 1

Threats found: 1

Here is a complete list:
Threat Name: Infostealer
Location: http://unattended.ms...ed/bbucolor.exe <--- (Read the url)

How to remove advertisement from MSFN



    MSFN Junkie

  • Patrons
  • 3,283 posts
  • Joined 18-August 04
  • OS:Windows 7 x64
  • Country: Country Flag
Nice find MSE detects it as PWS:Win32/Inido!rts

We'll fix it...

Category: Password Stealer

Description: This program is dangerous and captures user passwords.

Recommendation: Permit this detected item only if you trust the program or the software publisher.

Microsoft Security Essentials detected programs that may compromise your privacy or damage your computer. You can still access the files that these programs use without removing them (not recommended). To access these files, select the 'Allow' action and click 'Apply actions'. If this option is not available, log on as administrator or ask the local administrator for help.

file:E:\bbucolor.exe->(7zSfx)->BBU Color Changer.exe
filelocalcopy:C:\ProgramData\Microsoft\Microsoft Antimalware\LocalCopy\{346E1D8D-837B-45EF-B2CC-99DE30DA0DF4}-bbucolor.exe
webfile:C:\ProgramData\Microsoft\Microsoft Antimalware\LocalCopy\{346E1D8D-837B-45EF-B2CC-99DE30DA0DF4}-bbucolor.exe|http://unattended.msfn.org/files/advanced/bbucolor.exe

Get more information about this item online.

Recommended Software: KeePass | Microsoft ICE | VisualWget | Vitamin D Video |



    WPI Guru

  • Developer
  • 8,973 posts
  • Joined 18-September 03
  • OS:Windows 7 x64
  • Country: Country Flag

All this time and I have had that on my drive?

Nod never detected it either.

I am very sorry to the OP. I never suspected that file as it came from a trusted source.

Edit: Nod detects it now as I try to move or delete it. I am glad I haven't used it for ages.

Edited by Kelsenellenelvian, 12 January 2010 - 12:17 PM.

Glen Saunders

Glen Saunders


  • Member
  • 13 posts
  • Joined 12-January 10
I'm just glad I could warn you!





  • Patrons
  • 4,916 posts
  • Joined 14-September 05
  • OS:none specified
  • Country: Country Flag
From here... (google) Appears that it still wouldn't fix your Colors anyway without modifying the checksum. Appears that no source code available.


Alternative here (Kel's link)

Edited by submix8c, 12 January 2010 - 12:42 PM.

Someday the tyrants will be unthroned... Jason "Jay" Chasteen; RIP, bro!

Posted Image



    MSFN Addict

  • Member
  • PipPipPipPipPipPipPip
  • 1,706 posts
  • Joined 19-March 09
  • OS:XP Pro x86
  • Country: Country Flag
Ye ye ye..CabTool 1.8 is also recognized as a virus by NOD32, but it doesn't mean it is. I even reported it HERE. After you install it, with Antivirus OFF, it works just fine.





  • Super Moderator
  • 3,143 posts
  • Joined 27-January 04
  • OS:Windows 7 x64
  • Country: Country Flag
24/41 - worry not, we'll get this fixed.



    Gustatus similis pullus

  • Patrons
  • 11,031 posts
  • Joined 09-September 01
  • OS:Windows 10 x64
  • Country: Country Flag


Note that the .exe in question was provided to AVG for analysis by a fellow moderator, and their response was that this was a false positive, for what it's worth, and detection of this would be fixed in the next signature update. I have updated the thread title to reflect this, and suggest anyone with antivirus software detecting this as a virus submit it to that A/V provider as well for deeper analysis.
MCTS Windows Internals, MCITP Server 2008 EA, MCTS MDT/BDD, MCSE/MCSA Server 2003, Server 2012, Windows 8
Please read the rules before posting!
Please consider donating to MSFN to keep it up and running!



    Insane Clown

  • Administrator
  • 2,604 posts
  • Joined 16-August 01
  • OS:Windows 10 x64
  • Country: Country Flag
I removed this file from server 3 weeks ago and yes symantec say it is on server. I love symantec ****.


Become an MSFN Sponsor Now! Keep Up MSFN Running

Read MSFN Forum Rules
Not a member? Donate here!

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users