Jump to content

MSFN has viruses?


Glen Saunders

Recommended Posts

MSFN has tracking cookies, they where placed here by the owners of the site.

General Info

Web Site Location United States of America

Norton Safe Web has analyzed msfn.org for safety and security problems. Below is a sample of the threats that were found.

msfn.org

Threat Report

Total threats found: 1

Threats found: 1

Here is a complete list:

Threat Name: Infostealer

Location: http://unattended.msfn.org/files/advanced/bbucolor.exe <--- (Read the url)

Link to comment
Share on other sites


Nice find MSE detects it as PWS:Win32/Inido!rts

We'll fix it...

Category: Password Stealer

Description: This program is dangerous and captures user passwords.

Recommendation: Permit this detected item only if you trust the program or the software publisher.

Microsoft Security Essentials detected programs that may compromise your privacy or damage your computer. You can still access the files that these programs use without removing them (not recommended). To access these files, select the 'Allow' action and click 'Apply actions'. If this option is not available, log on as administrator or ask the local administrator for help.

Items:

containerfile:E:\bbucolor.exe

file:E:\bbucolor.exe->(7zSfx)->BBU Color Changer.exe

filelocalcopy:C:\ProgramData\Microsoft\Microsoft Antimalware\LocalCopy\{346E1D8D-837B-45EF-B2CC-99DE30DA0DF4}-bbucolor.exe

webfile:C:\ProgramData\Microsoft\Microsoft Antimalware\LocalCopy\{346E1D8D-837B-45EF-B2CC-99DE30DA0DF4}-bbucolor.exe|http://unattended.msfn.org/files/advanced/bbucolor.exe

webfile:E:\bbucolor.exe|http://unattended.msfn.org/files/advanced/bbucolor.exe

Get more information about this item online.

Link to comment
Share on other sites

What?

All this time and I have had that on my drive?

Nod never detected it either.

I am very sorry to the OP. I never suspected that file as it came from a trusted source.

Edit: Nod detects it now as I try to move or delete it. I am glad I haven't used it for ages.

Edited by Kelsenellenelvian
Link to comment
Share on other sites

Note that the .exe in question was provided to AVG for analysis by a fellow moderator, and their response was that this was a false positive, for what it's worth, and detection of this would be fixed in the next signature update. I have updated the thread title to reflect this, and suggest anyone with antivirus software detecting this as a virus submit it to that A/V provider as well for deeper analysis.

Link to comment
Share on other sites

  • 1 month later...

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...