General discussion

Freeripmp3 Infected with mywayweb search Trojan

4/12/08 Avast 4.8.1169.0 2008.04.12 Win32:Trojan-gen {Other}

SO I Had the file scanned at VirusTotal AND Jotti (Results below)
I posted in CNETS "Spyware, viruses, & security" Forum, the topic
"Freeripmp3 from Cnet/Downloads.com"
http://forums.cnet.com/5208-6132_102-0.html?forumID=32&threadID=292043&messageID=2755234#2755234

AND Avasts "Viruses and Worms" Support Forum, under the same topic
"Freeripmp3 from Cnet/Downloads.com"
http://forum.avast.com/index.php?topic=34882.0

===RESULTS===
===VirusTotal===
AhnLab-V3 2008.4.12.0 2008.04.11 -
AntiVir 7.6.0.85 2008.04.11 DR/MyWebSearch.1793776
Authentium 4.93.8 2008.04.11 -
Avast 4.8.1169.0 2008.04.12 Win32:Trojan-gen {Other}
AVG 7.5.0.516 2008.04.12 -
BitDefender 7.2 2008.04.12 -
CAT-QuickHeal 9.50 2008.04.12 -
ClamAV 0.92.1 2008.04.12 -
DrWeb 4.44.0.09170 2008.04.12 Adware.MyWay
eSafe 7.0.15.0 2008.04.09 -
eTrust-Vet 31.3.5692 2008.04.11 -
Ewido 4.0 2008.04.12 -
F-Prot 4.4.2.54 2008.04.11 -
F-Secure 6.70.13260.0 2008.04.11 -
FileAdvisor 1 2008.04.12 -
Fortinet 3.14.0.0 2008.04.12 Adware/MyWebSearch
Ikarus T3.1.1.26 2008.04.12 not-a-virus:AdTool.Win32.MyWebSearch.br
Kaspersky 7.0.0.125 2008.04.12 not-a-virus:AdTool.Win32.MyWebSearch.br
McAfee 5272 2008.04.11 -
Microsoft 1.3408 2008.04.12 -
NOD32v2 3020 2008.04.11 -
Norman 5.80.02 2008.04.12 -
Panda 9.0.0.4 2008.04.12 -
Prevx1 V2 2008.04.12 Heuristic: Suspicious File With Bad Parent Associations
Rising 20.39.52.00 2008.04.12 -
Sophos 4.28.0 2008.04.12 -
Sunbelt 3.0.1041.0 2008.04.12 -
Symantec 10 2008.04.12 -
TheHacker 6.2.92.275 2008.04.12 -
VBA32 3.12.6.4 2008.04.06 -
VirusBuster 4.3.26:9 2008.04.12 -
Webwasher-Gateway 6.6.2 2008.04.11 Trojan.Dropper.MyWebSearch.1793776

===Jotti===
Scan taken on 19 Apr 2008 22:05:55 (GMT)
A-Squared Found Infected
AntiVir Found DR/MyWebSearch.1793776
ArcaVir Found nothing
Avast Found nothing
AVG Antivirus Found nothing
BitDefender Found nothing
ClamAV Found nothing
CPsecure Found AdTool.W32.MyWebSearch.br
Dr.Web Found Adware.MyWay
F-Prot Antivirus Found nothing
F-Secure Anti-Virus Found not-a-virus:AdTool.Win32.MyWebSearch.br (6, 2, 615)
Fortinet Found Adware/MyWebSearch
Ikarus Found not-a-virus:AdTool.Win32.MyWebSearch.br
Kaspersky Anti-Virus Found nothing
NOD32 Found nothing
Norman Virus Control Found nothing
Panda Antivirus Found nothing
Sophos Antivirus Found nothing
VirusBuster Found nothing
VBA32 Found nothing

Discussion is locked

Follow
Reply to: Freeripmp3 Infected with mywayweb search Trojan
PLEASE NOTE: Do not post advertisements, offensive materials, profanity, or personal attacks. Please remember to be considerate of other members. If you are new to the CNET Forums, please read our CNET Forums FAQ. All submitted content is subject to our Terms of Use.
Reporting: Freeripmp3 Infected with mywayweb search Trojan
This post has been flagged and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.
Sorry, there was a problem flagging this post. Please try again now or at a later time.
If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.
Comments
- Collapse -
freerip 3.07
- Collapse -
It's noted on the download page...

Sometimes the editors will permit an application to be posted on download.com, despite containing adware/spyware, provided the proper warnings are included. In this case, and as noted on the download.com product page, the installation of MySearch/MyWay/MyWebSearch is an optional addon during the installation process. Depending on which scanner you use it's classified as a potentially unwanted program, adware, spyware, or a trojan, although the last description is a little excessive in my opinion. Regardless, it's not a significant threat and is completely optional to be installed.

John

- Collapse -
Freerip 3.07

Hello John, Thanks for the reply and info.
I althought it does not say it's optional, I know what you are
saying.
CNET says "Tested spyware free"
"Note: This software comes with MySearch browser toolbar, that can be installed or uninstalled at the user's choice."

however, it does not say optional, or you can choose not to install
it. at best you have to read in between the lines and assume, they
are implying you can choose not to install it.
And it looks like a decent and decelty recommended "free" program.
I have a computer that was given to me that was infected, I am getting ready to format, maybe I'll try it on there and see.
IF it does give you the option to install or not, and if we have
search problems or spyware, virus, or scann ing problems,
I'll let you know. Although most of us, since this is embedded,
don't want ANYTHING to do with ANYTHING like this, even if it is
optional.
Thanks for pointing that out to people.

- Collapse -
I'm hesitant with such, but...

Some of my favorite freeware, including Daemon Tools and CCleaner, bundle third-party advertising software ('optional' during installation) that flags some malware scanners. Thus, to be sure, I usually throw it in a sandbox or virtual machine before installing it straight up. You have an excellent point regardless, though: 'tested spyware free' doesn't quite mean what it used to.

John

- Collapse -
Sandbox and Virtual machine

[QUOTE]Thus, to be sure, I usually throw it in a sandbox or virtual machine before installing it straight up[/QUOTE]
I ABSOLUTELY LOVE CCLEANER, for years now.
Now that you mention it, you can get it with a toolbar (yahoo).?
right?
Sandbox /Virtual machine...What does this mean and how do I do this ?

- Collapse -
Sandboxes and virtual machines...

CCleaner: Yep...they started bundling it with Yahoo's toolbar some months ago, over doubling its file size and annoying many, even though you can opt out.

Sandboxes: Check out Sandboxie (freeware). In short, it lets you install/run software in a 'sandbox' where it cannot directly affect the rest of your system. (All changes it tries to make are actually made to duplicate copies of the files.) Not foolproof, but it's a good safety net.

Virtual machines: Using software such as VMWare Server or VirtualPC, you can install an OS to a file on your computer and then run the OS using VMWare Server/Virtual PC 'on top of' your current OS in a separate window. Example: I'm running Vista, but have XP in a virtual machine. At any given second I can open the window containing the running copy of XP and install/run software that, which is separate from everything I have under Vista. Something goes wrong I simply kill the virtual machine containing XP and Vista never flinches. (Any OS will do, not just Vista and XP.) More complicated, takes up several GBs instead of MBs, and requires multiple OS licenses, but has a lot of benefits.

Hope this helps,
John

CNET Forums

Forum Info