MSFN has viruses? Update - likely incorrect, more analysis needed
#1
Posted 12 January 2010 - 11:45 AM
MSFN has tracking cookies; they were placed here by the owners of the site.
General Info
Web Site Location United States of America
Norton Safe Web has analyzed msfn.org for safety and security problems. Below is a sample of the threats that were found.
msfn.org
Threat Report
Total threats found: 1
Threats found: 1
Here is a complete list:
Threat Name: Infostealer
Location: http://unattended.ms...ed/bbucolor.exe <--- (Read the url)
#2
Posted 12 January 2010 - 12:11 PM
Nice find. MSE detects it as PWS:Win32/Inido!rts
We'll fix it...
Quote
Category: Password Stealer
Description: This program is dangerous and captures user passwords.
Recommendation: Permit this detected item only if you trust the program or the software publisher.
Microsoft Security Essentials detected programs that may compromise your privacy or damage your computer. You can still access the files that these programs use without removing them (not recommended). To access these files, select the 'Allow' action and click 'Apply actions'. If this option is not available, log on as administrator or ask the local administrator for help.
Items:
containerfile:E:\bbucolor.exe
file:E:\bbucolor.exe->(7zSfx)->BBU Color Changer.exe
filelocalcopy:C:\ProgramData\Microsoft\Microsoft Antimalware\LocalCopy\{346E1D8D-837B-45EF-B2CC-99DE30DA0DF4}-bbucolor.exe
webfile:C:\ProgramData\Microsoft\Microsoft Antimalware\LocalCopy\{346E1D8D-837B-45EF-B2CC-99DE30DA0DF4}-bbucolor.exe|http://unattended.msfn.org/files/advanced/bbucolor.exe
webfile:E:\bbucolor.exe|http://unattended.msfn.org/files/advanced/bbucolor.exe
Get more information about this item online.
#3
Posted 12 January 2010 - 12:15 PM
What?
All this time and I have had that on my drive?
Nod never detected it either.
I am very sorry to the OP. I never suspected that file as it came from a trusted source.
Edit: Nod detects it now as I try to move or delete it. I am glad I haven't used it for ages.
This post has been edited by Kelsenellenelvian: 12 January 2010 - 12:17 PM
#5
Posted 12 January 2010 - 12:39 PM
From here... (Google) Appears that it still wouldn't fix your colors anyway without modifying the checksum. Appears that no source code is available.
Wups!
Alternative here (Kel's link)
This post has been edited by submix8c: 12 January 2010 - 12:42 PM
#8
Posted 14 January 2010 - 06:52 PM
Note that the .exe in question was provided to AVG for analysis by a fellow moderator, and their response was that this was a false positive, for what it's worth, and detection of this would be fixed in the next signature update. I have updated the thread title to reflect this, and suggest anyone with antivirus software detecting this as a virus submit it to that A/V provider as well for deeper analysis.
#9
Posted 25 February 2010 - 12:41 PM
I removed this file from the server 3 weeks ago, and yes, Symantec says it is on the server. I love Symantec ****.