DriverGuide
English Português Español Deutsch Français 中国 Italiano 日本語 Translate
  


DriverGuide Forums



Go Back   Free Drivers Download | Request and Support Forums > Computer Software Forums > Viruses, Spyware, Adware, and other nasties

  #1  
Old 10-05-2007
mikesg mikesg is offline
Junior Member
 
Join Date: Oct 2007
Posts: 4
mikesg is on a distinguished road
Default Driver download infected.

I downloaded a driver just the other day from driverguide and I have found that the file is infected. The actual download is 68mu111c.exe. I believe it was a driver for an Agere (lucent) 56k modem. If not for the modem, the only other driver I downloaded was for an onboard sound chipset. Here is the information on the infection:

[url]http://www.ca.com/us/securityadvisor/pest/pest.aspx?id=1784[/url]

I detected this with Pest Patrol. Also, the driver did NOT work with the modem, and I am not sure if I rated this driver as good or not. Please beware and scan your downloads.

I still have the driver and haven't deleted it yet, in case I need to produce it so that it can be examined by the site admins.

Last edited by mikesg : 10-05-2007 at 08:15 AM.
Reply With Quote
Sponsored Links
    
  #2  
Old 10-05-2007
Jerry K's Avatar
Jerry K Jerry K is offline
Super Moderator
 
Join Date: Sep 2003
Posts: 37,070
Jerry K is on a distinguished road
Default Re: Driver download infected.

Your information is possibly incorrect.

1st. driverguide.com does not host any files with infections. Every file is scanned throughly as soon as it is uploaded using modern detection methods. If an infection is found, the upload is refused.

2nd. there is no file (68mu111c.exe) hosted by driverguide.com for an Agere (lucent) 56 modem... there is for sound/video.

Here is all data contained within our database for file: 68mu111c.exe

Manufacturer: VIA Technologies
Device Type: Sound
Operating Systems: Win95, Win98
Uploader Notes: works with trident cyberblade i7 agp video card.
File Name: 68mu111c.exe
Uploader member name: moy
Upload date: Dec 27, 2000
[url]http://members.driverguide.com/driver/detail.php?driverid=22708[/url]

Model: VIA VT82C686A
Manufacturer: VIA Technologies
Device Type: Sound
Operating Systems: Win3.1, Win95, Win98, Win98SE, WinME, WinNT3.51, WinNT4, Win2000, WinXP, Win2003
File Name: 68mu111c.exe
Upload member name: Yevgeniy Sedov
Upload date: Jan 6, 2001
[url]http://members.driverguide.com/driver/detail.php?driverid=22125[/url]

I can only say this. If one of these file does contain an infection, then there's 2 possibilities:

1: Since both files were uploaded 6-7 years ago, it's possible an infection slipped thru our THEN current detection method.
or
2: Your detection software could be reporting an error.

I can also say this: no members that downloaded this file and left a comment, stated that either file was infected.

Last edited by Jerry K : 10-05-2007 at 07:17 PM.
Reply With Quote
  #3  
Old 10-08-2007
Jerry K's Avatar
Jerry K Jerry K is offline
Super Moderator
 
Join Date: Sep 2003
Posts: 37,070
Jerry K is on a distinguished road
Default Re: Driver download infected.

I had administration scan both files with MODERN updated anti-virus software. These files scan clean.
Reply With Quote
  #4  
Old 10-11-2007
mikesg mikesg is offline
Junior Member
 
Join Date: Oct 2007
Posts: 4
mikesg is on a distinguished road
Default Re: Driver download infected.

Hi Jerry K and thanks for your update.

1st.) It is VERY possible that my detection method is reporting an error, as well as it is possible that your modern detection software is also NOT reporting an error.

2nd.) I have been unable to detect ANYTHING in this file with Norton, Kaspersky, or PCcillin. As you may or may not know, I own my own computer company, and there are many versions of scan software out there which you can scan your own pc with different ones, where one will detect something that the other doesn't. Any good repair technician will tell you that you can scan your computer fifty times with one scan tool and not detect anything, and then scan with a different tool and it will detect things that the others didn't.

3rd.) I have just scanned the file again with ETrust Pest Patrol, and here is a screenshot of the scanned file, also in the screenshot, there are links to the information about this detected file that are clickable, so I have included these links below:

SCREENSHOT: [url]http://ultimateaudio.pointclark.net/mikesg72/68mu111c.jpg[/url]
BACKGROUND INFO: [url]http://www.ca.com/us/securityadvisor/pest/pest.aspx?id=1784[/url]
FILE ANALYSIS MD5: [url]http://research.pestpatrol.com/FileInfo/FileInfo.asp?MD5=9bfab4f22e0bbc6020e52df66ab1db01[/url] (This is the page it takes you to when you click on "MD5". In the top right it says SECURITY ADVISOR and the threat indicator shows the risk level.)
FILE ANALYSIS PVT: [url]http://research.pestpatrol.com/FileInfo/FileInfo.asp?PVT=-788265387[/url]
THREATENS: Confidentiality, Integrity, Availability, Productivity, Liability [url]http://research.pestpatrol.com/WhitePapers/About_Pest_Threats.asp[/url]

The file itself does NOT contain a virus, but a dropper:
Please See this page: [url]http://en.wikipedia.org/wiki/Dropper[/url]


Clicking the last few links will all automatically forward you to the same page, except for the "Background Info, and the screenshot, which I have provided."

I use PestPatrol Corporate Edition, and I have since its infancy. I have seen VERY few false positives using this program and I use this program because it will successfully detect objects inside executable or "packaged files" where others wouldn't. I have been working on computers for around 25 years, before the Commodore 64's and Tandy 100s'. Call it what you will, but I tend to trust my own experience and programs that have led me to become the number 1 computer repair business in 6 cities.

Said that, I apologize if you mistook my first post as an attack on driverguide because it was not intended in that manner. I also mentioned that I downloaded some other drivers as well, one of them was an audio driver. This was my first and last post in the forums and had I not thought of it as being important, I wouldn't have bothered however, since I have been using driverguide for many years, referring others, and helping people in the new "DriverChat" I thought I'd post this to help out.

This could very well be a false positive, but I'll let you decide while I trust my own experience and judgement.

Thank you for your time.

~~mike~~

P.S. In my experience, I have tested just about every type of scanware that has come available, and PestPatrol is the number one pest scanning software that I have used, Ewido has proven to be right up there and possibly a close second, until they sold out to (I believe it was) AVG.

If you would like a copy of Pest Patrol send me an email to extreme_negotiations(-NOSPAM-)yahoo.com and I'll give you the link.

Last edited by mikesg : 10-11-2007 at 06:05 PM.
Reply With Quote
  #5  
Old 10-11-2007
Jerry K's Avatar
Jerry K Jerry K is offline
Super Moderator
 
Join Date: Sep 2003
Posts: 37,070
Jerry K is on a distinguished road
Default Re: Driver download infected.

Thanks for the report and links mikesg,

No offense taken. We welcome reports like this as it only makes driverguide.com a safer place to visit. You are 100% correct my friend. Every virus scanner can and usually does give a different report. However, our administration uses a modern scanning method and then double checks a file when reported. If they say it's safe, I trust their judgment. There's not much else I can do other than tell members downloading this file "that you have been warned" and let them decide if they want to use it or not.

I did download both files and scanned them with Norton 2007 and it did not report any problem (but that's Norton).

And thanks for the offer for Pest Patrol but I already have it on cd-rom disk.

And I have posted notices on the download pages referencing this thread.

Peace bro

Last edited by Jerry K : 10-11-2007 at 07:25 PM.
Reply With Quote
Reply [Upload Driver/Firmware]



Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes Rate This Thread
Rate This Thread:

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off


All times are GMT. The time now is 02:43 PM.



2017 DriverGuide is an iCentric Corporation Company.     All rights reserved.    


Powered by vBulletin Version 3.0.1
Copyright ©2000 - 2017, Jelsoft Enterprises Ltd.