Rising - Lovegate Worm ?

Just installed Rising AV, after reading the other threads. Noticed that with WinPatrol and Anvir Task Manager that the Ravmond.exe is associated with Lovegate worm.

Does this mean Rising AV is unsafe? Just wondering if anyone else noticed this?

 

OMG! Chinese menace!!

..then again, maybe not

See here

But still, the one belonging to Rising AV is considered 51% dangerous

 

I'm pretty sure its an FP, but let us see.

 

Interesting. I have Anvir installed and in mine, Ravmond.exe is shown with no risk at all. It shows that all of Rising AV tasks are no risk.

 

this has got to be a false positive. i mean for goodness sake, the makers of rising have a list of corporations and non-profits that are using their antivirus software on their site.

 

That doesn't mean that the install file they upload to their website for users to download didn't get infected. I've seen this happen quite a few times before. We'll just have to see if it turns out to be an FP or not. Besides, don't put too much trust in a "recommended and used by" list.

 

you are right. in my haste i thought the OP meant that rising av itself is a rogue product.

according to symantec's website :
http://www.symantec.com/security_response/writeup.jsp?docid=2004-070112-3516-99&tabid=2

and

so you were right, it's possible he got an infected "rising av" exe.

EDIT : where did the OP go to download his version of rising? i got mine from download.com and they claim to make sure the downloads on their site are spyware free. i've never had a problem with anything i've gotten from download.com

 

That's a real good question, it's possible one of the mirrors Rising uses has a problem and the file was infected. It very well could also be that Rising itself accidentally got an infection on their end and when they uploaded it, there went the files. Download.com is not always the safest place, I've gotten smacked with bad stuff there.

 

I got my version from Brothersoft. I tried to get it from Download.com,but it would keep getting an error with Opera on dialup.

Anyway, I checked the file with a multi-online scanner, and it comes up clean. Thanks to all who responded!

 

What is the problem other than some silly programs giving innacurate info?The path is in C:\Program Files\Rising,which has as described by Symantec and others nothing to do with the worm!!!!
And between download .com and brothersoft there is a difference.I'msure that i can find some rogue products on brothersoft.

 

It MUST be an FP. My system is clean, the Rising AV is working, and my FW hasn't given me any email outbound alerts. Moreover, my WinPatrol Scotty seems to like it, as do CBOClean, A-suared Antimalware, and a few other apps. Perhaps someone from Rising could clear up this issue.

Dave

 

It must be an FP, why would they distrubute a worn? Unless they've been hacked, which I find unlikely since nobody here has mentioned it and I haven't even received an e-mail!

 

please submit a support ticket at
http://support.rising-global.com/index.php?_m=tickets&_a=submit
and let's wait and see what they will say

 

~Private info removed. Please state in your own words any suggestions or solutions you may receive from security vendors. - Ron~

 

I received an email today from Rising International Software Co.,Ltd stating that the file is clean and it may be FP.
they will try to contact WinPatrol and Anvir Task Manager.

 

got an email from Katherine Li RISING ANTIVIRUS informing that WP replied to Rising and confirmed it's a FP and they gonna fix it. cool

 

Rising really has fast response for FP , see Declaration – False Positive about Rising process RavMonD.exe :
http://www.rising-global.com/Published/InformationCenter/NewsEvents/2008-07-04/20080704180017.htm