Rising - Lovegate Worm ?

Discussion in 'other anti-virus software' started by Tarnak, Jun 28, 2008.

Thread Status:
Not open for further replies.
  1. Tarnak

    Tarnak Registered Member

    Joined:
    Feb 5, 2007
    Posts:
    3,873
    Just installed Rising AV, after reading the other threads. Noticed that with WinPatrol and Anvir Task Manager that the Ravmond.exe is associated with Lovegate worm.

    Does this mean Rising AV is unsafe? Just wondering if anyone else noticed this?:doubt:
     

    Attached Files:

  2. PiCo

    PiCo Registered Member

    Joined:
    Apr 9, 2008
    Posts:
    352
    Location:
    Athens, Greece
    OMG! Chinese menace!!

    ..then again, maybe not :p

    See here

    But still, the one belonging to Rising AV is considered 51% dangerous :cautious:
     
  3. Firecat

    Firecat Registered Member

    Joined:
    Jan 2, 2005
    Posts:
    7,927
    Location:
    The land of no identity :D
    I'm pretty sure its an FP, but let us see.
     
  4. rno2

    rno2 Registered Member

    Joined:
    Apr 21, 2005
    Posts:
    13
    Interesting. I have Anvir installed and in mine, Ravmond.exe is shown with no risk at all. It shows that all of Rising AV tasks are no risk.
     
  5. zopzop

    zopzop Registered Member

    Joined:
    Apr 6, 2006
    Posts:
    632
    this has got to be a false positive. i mean for goodness sake, the makers of rising have a list of corporations and non-profits that are using their antivirus software on their site. :blink:
     
  6. dw426

    dw426 Registered Member

    Joined:
    Jan 3, 2007
    Posts:
    5,543
    That doesn't mean that the install file they upload to their website for users to download didn't get infected. I've seen this happen quite a few times before. We'll just have to see if it turns out to be an FP or not. Besides, don't put too much trust in a "recommended and used by" list.
     
  7. zopzop

    zopzop Registered Member

    Joined:
    Apr 6, 2006
    Posts:
    632
    you are right. in my haste i thought the OP meant that rising av itself is a rogue product. :oops:

    according to symantec's website :
    http://www.symantec.com/security_response/writeup.jsp?docid=2004-070112-3516-99&tabid=2

    and

    so you were right, it's possible he got an infected "rising av" exe.

    EDIT : where did the OP go to download his version of rising? i got mine from download.com and they claim to make sure the downloads on their site are spyware free. i've never had a problem with anything i've gotten from download.com
     
  8. dw426

    dw426 Registered Member

    Joined:
    Jan 3, 2007
    Posts:
    5,543
    That's a real good question, it's possible one of the mirrors Rising uses has a problem and the file was infected. It very well could also be that Rising itself accidentally got an infection on their end and when they uploaded it, there went the files. Download.com is not always the safest place, I've gotten smacked with bad stuff there.
     
  9. Tarnak

    Tarnak Registered Member

    Joined:
    Feb 5, 2007
    Posts:
    3,873
    I got my version from Brothersoft. I tried to get it from Download.com,but it would keep getting an error with Opera on dialup.

    Anyway, I checked the file with a multi-online scanner, and it comes up clean. Thanks to all who responded!:thumb::D
     

    Attached Files:

  10. virtumonde

    virtumonde Registered Member

    Joined:
    Jan 18, 2008
    Posts:
    501
    What is the problem other than some silly programs giving innacurate info?The path is in C:\Program Files\Rising,which has as described by Symantec and others nothing to do with the worm!!!!
    And between download .com and brothersoft there is a difference.I'msure that i can find some rogue products on brothersoft.
     
  11. dw2108

    dw2108 Registered Member

    Joined:
    Jan 24, 2006
    Posts:
    480
    It MUST be an FP. My system is clean, the Rising AV is working, and my FW hasn't given me any email outbound alerts. Moreover, my WinPatrol Scotty seems to like it, as do CBOClean, A-suared Antimalware, and a few other apps. Perhaps someone from Rising could clear up this issue.

    Dave
     
  12. computer geek

    computer geek Registered Member

    Joined:
    Oct 6, 2007
    Posts:
    776
    It must be an FP, why would they distrubute a worn? o_O Unless they've been hacked, which I find unlikely since nobody here has mentioned it and I haven't even received an e-mail!
     
  13. minacross

    minacross Registered Member

    Joined:
    May 12, 2002
    Posts:
    657
  14. minacross

    minacross Registered Member

    Joined:
    May 12, 2002
    Posts:
    657
    ~Private info removed. Please state in your own words any suggestions or solutions you may receive from security vendors. - Ron~
     
    Last edited by a moderator: Jun 30, 2008
  15. minacross

    minacross Registered Member

    Joined:
    May 12, 2002
    Posts:
    657
    I received an email today from Rising International Software Co.,Ltd stating that the file is clean and it may be FP.
    they will try to contact WinPatrol and Anvir Task Manager.
     
  16. minacross

    minacross Registered Member

    Joined:
    May 12, 2002
    Posts:
    657
    got an email from Katherine Li RISING ANTIVIRUS informing that WP replied to Rising and confirmed it's a FP and they gonna fix it. cool :thumb: :thumb: :D :D
     
  17. whoiam

    whoiam Registered Member

    Joined:
    Apr 9, 2008
    Posts:
    13
    Location:
    Sydney
Thread Status:
Not open for further replies.