• Announcements

    • xper

      MSFN Sponsorship and AdBlockers!   07/10/2016

      Dear members, MSFN is made available via subscriptions, donations and advertising revenue. The use of ad-blocking software hurts the site. Please disable ad-blocking software or set an exception for MSFN. Alternatively, become a site sponsor and ads will be disabled automatically and by subscribing you get other sponsor benefits.
DigitalJ

Virus suspected in XP_INST_v04.7z

31 posts in this topic

Does anyone have a registered McAfee AV? Would someone contact them and report for a false positive?

It's probably 10th email going back and forth and they keep asking me for registration email to move further on, although I keep explaining in those semi-automatic emails what the case is. Next I get referred to a web page to submit the sample, which web page doesn't re-analyse it as most other AV vendors did, but rather scans it using current signatures and supposedly gets detected.

Then I reply with the results to the semi-automatic email, where yet another guy puts his name on top of a similar answer and asks me again for registration :(

At least there is some progress, 19/43 a few days ago, now 13/43:

http://www.virustotal.com/file-scan/report.html?id=aa68d27eeff208672bd0494a37ddf6f662135a965bb3387378cf43d605e54671-1288757982

0

Share this post


Link to post
Share on other sites

Moving forward, slowly, but moving :D, AVG and Ikarus replied, awaiting Sophos, Symantec and the troublesome McAfee.

0

Share this post


Link to post
Share on other sites

@ilko_t

If, for any reason, you don't do your computer properly seated on a chair :w00t:, please do take one and seat comfortably on it before accessing this :):

http://downloadcenter.mcafee.com/products/tools/foundstone/

Directory on McAfee site where free tools are available.

I was there getting a fresh copy of the excellent BinText utility (BinText303.zip) today, and noticed file (near the bottom of the list/page): warning.txt

I had a look at it:

PACKER DETECTION ALERT

The anti-virus scanner has detected a packer program. The file was not cleaned and has been removed.

Context: 'SharePointDiscovery.exe'

Detection(s): 'PE_Patch.Stolen.d (compressed file)'

See your system administrator for further information. Copyright 1999-2007 McAfee, Inc.All Rights Reserved.http://www.mcafee.com

Their Anti-virus detected a packer inside their own file!

...and obviously did NOT delete it as file SharePointDiscovery.exe has the same timestamp 21-Oct-2010 09:04 of warning.txt ...:whistle:

buehehe.gif

rofle.gif

jaclaz

0

Share this post


Link to post
Share on other sites

where is the download file.

WHICH "download file"?

The XP_INST_v04.7z?

Here:

jaclaz

0

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.