Window Washer Upgrade - Virus Warning

Discussion in 'NOD32 version 2 Forum' started by Lancashire, Aug 14, 2007.

Thread Status:
Not open for further replies.
  1. Lancashire

    Lancashire Registered Member

    Joined:
    Aug 14, 2007
    Posts:
    3
    I get a virus warning when I try to update Window Washer and it stops the download and connection, even when I turn off Nod32.

    Is this just a conflict or a ghost find?
     
  2. ASpace

    ASpace Guest

    Hello !

    Do you mean Webroot's Windows Washer (http://www.webroot.com/consumer/products/windowwasher) ?

    How exactly do you turn off NOD32 ?
    What is the virus warning you get ? Please be specific and if possible make a screenshot and attach it ?

    If you believe it is false positive alarm , you can temporary exclude its folder from scanning in AMON -> Setup -> Exclusions
     
  3. zapjb

    zapjb Registered Member

    Joined:
    Nov 15, 2005
    Posts:
    3,515
    Location:
    USA - Back in a real State in time for a real Pres
    I think NOD32 saved you.

    Ime/o ww is a pos.
     
  4. Lancashire

    Lancashire Registered Member

    Joined:
    Aug 14, 2007
    Posts:
    3
    This is what I receive and yes it is the one from link above:

    Prob unknown NewHeur_PE virus
     
    Last edited by a moderator: Aug 15, 2007
  5. Lancashire

    Lancashire Registered Member

    Joined:
    Aug 14, 2007
    Posts:
    3
    Thread updated.

    I then opened up Nod32 and closed it down to see if it would work but then the download link would not open.
     
  6. zapjb

    zapjb Registered Member

    Joined:
    Nov 15, 2005
    Posts:
    3,515
    Location:
    USA - Back in a real State in time for a real Pres
    I wouldn't doubt NOD32 on this.
     
  7. Ngwana

    Ngwana Registered Member

    Joined:
    Jul 5, 2006
    Posts:
    156
    Location:
    Glasgow, United Kingdom
    The executable seems to show version 4.09? The new version of Window Washer is 6.5. Like Zapjb suspects please confirm the update version. :cool:
     
  8. flyrfan111

    flyrfan111 Registered Member

    Joined:
    Jun 1, 2004
    Posts:
    1,224
    I tend to agree, downloaded it 4 times and got 4 different size files, something might be wrong with their server. Trust NOD on this one. Submitted 3 of the files I dl'd for analysis. 4th says it was corrupted.
     
  9. osip

    osip Registered Member

    Joined:
    Oct 25, 2006
    Posts:
    610
    I also used a retail link for ww 6.5 with ESSb...The very same result,either a FP or webroot has been ´hacked´...Hard to beleive,must be a FP...Managed to get the exe in spite of deleted download, and, the same when opening the file...
     
  10. flyrfan111

    flyrfan111 Registered Member

    Joined:
    Jun 1, 2004
    Posts:
    1,224
    Try uploading it to Jotti's or Virus total, I forgot too before I deleted the files.
     
  11. jlo

    jlo Registered Member

    Joined:
    Nov 29, 2004
    Posts:
    475
    Location:
    UK
    Hi,

    Just ran the file through Jotti Scanner and Nod is only AV that is detecting the file.

    Cheers

    Jlo

    Service load: 0% 100%

    File: wwsetup409_.exe
    Status: POSSIBLY INFECTED/MALWARE (Note: this file has been scanned before. Therefore, this file's scan results will not be stored in the database) (Note: this file was only flagged as malware by heuristic detection(s). This might be a false positive. Therefore, results of this scan will not be stored in the database)
    MD5: 89c6196ff80420d5d3529ef55f2bae60
    Packers detected: -
    Bit9 reports: File not found

    Scanner results
    Scan taken on 14 Aug 2007 17:51:43 (GMT)
    A-Squared Found nothing
    AntiVir Found nothing
    ArcaVir Found nothing
    Avast Found nothing
    AVG Antivirus Found nothing
    BitDefender Found nothing
    ClamAV Found nothing
    CPsecure Found nothing
    Dr.Web Found nothing
    F-Prot Antivirus Found nothing
    F-Secure Anti-Virus Found nothing
    Fortinet Found nothing
    Kaspersky Anti-Virus Found nothing
    NOD32 Found probably unknown NewHeur_PE (probable variant)
    Norman Virus Control Found nothing
    Panda Antivirus Found nothing
    Rising Antivirus Found nothing
    Sophos Antivirus Found nothing
    VirusBuster Found nothing
    VBA32 Found nothing
     
  12. Bubba

    Bubba Updates Team

    Joined:
    Apr 15, 2002
    Posts:
    11,271
    True but only in the file name. The file properties does show file version 6.5 :doubt:

    Hopefully Eset will acquire a sample so they can confirm whether it's an FP or not .

    WebWasher.gif

    Bubba
     
  13. dscrap

    dscrap Registered Member

    Joined:
    Nov 3, 2004
    Posts:
    156
    I just upgraded to Window Washer 6.5.0.1093 from version 6.0.5.609 and now washing with bleach set to 7 wipes is so slow. With the older version, it only took a few minutes to wipe 1000's of temp internet files. Now it is taking over 10x as long. I have been washing now for 25 minutes and haven't even washed 2000 items yet. This is ridiculous. I also got a false positive with NOD32 when I downloaded and installed the update from Webroots site. How long is everyone else taking to wash files?

    I have a Core 2 Duo at 2.4GHz and 4 GB of ram running Vista Ultimate...

    hgotn-0002.jpg

    hgotn-0003.jpg
     
  14. Bubba

    Bubba Updates Team

    Joined:
    Apr 15, 2002
    Posts:
    11,271
    To those concerned,

    With signatures 2461 applied....the wwsetup409_.exe file is no longer flagged by Imon\Amon.

    Bubba
     
  15. flyrfan111

    flyrfan111 Registered Member

    Joined:
    Jun 1, 2004
    Posts:
    1,224
    Thanks for the update Bubba.
     
  16. mrgigabyte

    mrgigabyte Registered Member

    Joined:
    Jan 11, 2006
    Posts:
    125
    dscrap you have the setting set to clean 7 times if you want it faster choose 3 times or the single pass is the fastest mrgigabyte:cool:
     
Thread Status:
Not open for further replies.