VipreRescueScanner Infected by W32.Almanahe.B!inf
Posted 30 April 2009 - 03:34 PM
I'm just frightened that some people have built an ISO with the virus on it...
But if I'm right, it looks like I was unliky as the build was corrected somewhat fast.
@bengt : no problem, I'm trying to be constructive (hum I wonder if this sentence is correct in english )
Posted 30 April 2009 - 04:49 PM
What Sunbelt said would certainly apply to the guessing that is currently going on and I don't know why that hasn't already been posted if it was available.
Posted 01 May 2009 - 02:00 AM
It seems it does not spread the infection if the file SBTE.dll is missing (it's a dll you can find if you extract VipreRescue.exe).
Posted 01 May 2009 - 02:37 AM
What is important is if the file distributed by Sunbelt that day was infected or not... or was the source of the infection something else.
The difference that the answer to that question makes can be enormous if it did actually come from them or not. Without information on what Sunbelt's reply to this actually is... this thread is meaningless.
So in very simple and direct words... What was in the reply that Sunbelt gave you in the email?
Without an answer to what the email contained... this thread is nothing more than conjecture and/or wild a$$ guesses that can only be categorized as someones wild conspiracy theory based only on some anomalous situation that happened on one computer.
Posted 02 May 2009 - 04:19 AM
I apologize for the inconveniences.
This is something
If you have more questions or need further assistance please feel free to contact me.
Tier I Consumer Technical Support
Email: [email protected]
Phone: +1 (877) 673-1153
33 N. Garden Ave.
Clearwater, Fl 33755
As you can see they admit that VipreRescueScanner.Exe was infected.
Posted 02 May 2009 - 05:56 AM
And I agree it's a not so old file that has been corrected since
But to be able to know if it has been corrected, we must accept that it has been infected, which it was not the case from you (and others) until Sunbelt admitted it !
What I've thought when posting here, it's to warm people like me who have updated their Vipre plugin with this infected file that they might be at risk
Imagine that some might have an ISO with that file and use it on several computer to disinfect friend computers ?
Maybe I'm wrong but I think some may be interested knowing that their file is maybe infected and they need to rebuild their ISO !
It's just a matter of being lucky or not...
To help those, I've found another thread talking about that problem, they're saying that 5106 and 5107 versions contains the virus.
If you think that I was wrong alerting about that, maybe you should rethink about your priorities.
Of course some users of VipreRescue which are not users of UBCD4Win are also at risk but I can't inform them but other mean that informing Sunbelt (which should have made some statement about the urge of updating the scanner on their website).
This post has been edited by sioban: 02 May 2009 - 06:13 AM
Posted 04 May 2009 - 01:12 PM
Seconded from me, I should have known that Avira was correct in detecting something - they are known for having a very low rate of false positives. Sorry I didn't read your whole series of posts first before posting. I haven't done anything with the one I downloaded at home yet, I'm debating whether to just delete it or if I want to stick it in a VM just to see what happens.
Posted 29 May 2009 - 09:44 AM
I would like to inform you that I think that the VipreRescueScanner.exe I've downloaded recently through the plugin of UBCD4WIN is infected by the virus W32.Almanahe.b!inf
This is the virustotal report : http://www.virustota...d6a00821525ec47
I say so because the virus was first seen by my AV some days ago (24/04/2009) but I've tested the iso today and my pc is now full of it
I just updated the plugin today (May 29, 2009) and my Symantec AV detected (and supposedly cleaned) the same virus.
This is scaring me off from using Vipre.