• Announcements

    • xper

      MSFN Sponsorship and AdBlockers!   07/10/2016

      Dear members, MSFN is made available via subscriptions, donations and advertising revenue. The use of ad-blocking software hurts the site. Please disable ad-blocking software or set an exception for MSFN. Alternatively, become a site sponsor and ads will be disabled automatically and by subscribing you get other sponsor benefits.

Virus suspected in XP_INST_v04.7z

31 posts in this topic

Does anyone have a registered McAfee AV? Would someone contact them and report for a false positive?

It's probably 10th email going back and forth and they keep asking me for registration email to move further on, although I keep explaining in those semi-automatic emails what the case is. Next I get referred to a web page to submit the sample, which web page doesn't re-analyse it as most other AV vendors did, but rather scans it using current signatures and supposedly gets detected.

Then I reply with the results to the semi-automatic email, where yet another guy puts his name on top of a similar answer and asks me again for registration :(

At least there is some progress, 19/43 a few days ago, now 13/43:



Share this post

Link to post
Share on other sites

Moving forward, slowly, but moving :D, AVG and Ikarus replied, awaiting Sophos, Symantec and the troublesome McAfee.


Share this post

Link to post
Share on other sites


If, for any reason, you don't do your computer properly seated on a chair :w00t:, please do take one and seat comfortably on it before accessing this :):


Directory on McAfee site where free tools are available.

I was there getting a fresh copy of the excellent BinText utility (BinText303.zip) today, and noticed file (near the bottom of the list/page): warning.txt

I had a look at it:


The anti-virus scanner has detected a packer program. The file was not cleaned and has been removed.

Context: 'SharePointDiscovery.exe'

Detection(s): 'PE_Patch.Stolen.d (compressed file)'

See your system administrator for further information. Copyright 1999-2007 McAfee, Inc.All Rights Reserved.http://www.mcafee.com

Their Anti-virus detected a packer inside their own file!

...and obviously did NOT delete it as file SharePointDiscovery.exe has the same timestamp 21-Oct-2010 09:04 of warning.txt ...:whistle:





Share this post

Link to post
Share on other sites

where is the download file.

WHICH "download file"?

The XP_INST_v04.7z?




Share this post

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.