Is not harmless s---t in this softvare
Infected with WS.Reputation.1 virus?
WS.Reputation.1 is a risky computer threat that make chaos on targeted computer without asking for permission. When inside, it modifies computer default setting and disables your firewall. The virus has been created to promote cyber criminal. After WS.Reputation.1 is installed, your computer may start acting sluggish and slow. Virus like this one is designed by advanced technology. No security tool can get it off. Even though WS.Reputation.1 can be reported, it will come back each time you reboot the machine.
(07-11-2015 07:44 AM)xiaofang Wrote: [ -> ]Is not harmless s---t in this softvare
Infected with WS.Reputation.1 virus?
WS.Reputation.1 is a risky computer threat that make chaos on targeted computer without asking for permission. When inside, it modifies computer default setting and disables your firewall. The virus has been created to promote cyber criminal. After WS.Reputation.1 is installed, your computer may start acting sluggish and slow. Virus like this one is designed by advanced technology. No security tool can get it off. Even though WS.Reputation.1 can be reported, it will come back each time you reboot the machine.
Thank you for trying to increase your post count!
If you look at the VT scan you will NOT find WS.Reputation.1 or anything like this!
This is what VT detects:
a variant of MSIL/Packed.Confuser.J suspicious - false positive (says that it is packed with confuser)
Win32.Application.InstallCore.EG - false positive (this is the installation core we use)
TR/Downloader.A.16951 - false positive
General
Alias:
Similar detection:
• TR/Downloader.Gen
Side effects:
• Downloads malicious files (TR/Downloader.A.16951 - false positive ) lol
Remove AdWare.Win32.InstallCore (Virus Removal Guide)
AdWare.Win32.InstallCore is a specific detection used by Microsoft Security Essentials, Emsisoft Anti-Malware and other antivirus products to indicate and detect an adware program.
AdWare.Win32.InstallCore is a program that contains adware, installs toolbars or will display pop-up advertisements on the computer.
AdWare.Win32.InstallCore it’s technically not a virus, but it does exhibit plenty of malicious traits, such as rootkit capabilities to hook deep into the operating system, browser hijacking, and in general just interfering with the user experience. The industry generally refers to it as a “PUP,” or potentially unwanted program.
The AdWare.Win32.InstallCore infection is designed specifically to make money. It generates web traffic, collects sales leads for other dubious sites, and will display advertisements and sponsored links within your web browser.
AdWare.Win32.InstallCore got on your computer after you have installed a freeware software (video recording/streaming, download-managers or PDF creators) that had bundled into their installation this browser hijacker. This Potentially Unwanted Propgram is also bundled within the custom installer on many download sites (examples: CNET, Brothersoft or Softonic), so if you have downloaded a software from these websites, chances are that AdWare.Win32.InstallCore was installed during the software setup process.
AdWare.Win32.InstallCore is an ad-supported (users may see additional banner, search, pop-up, pop-under, interstitial and in-text link advertisements) cross web browser plugin for Internet Explorer (BHO) and Firefox/Chrome (plugin) and distributed through various monetization platforms during installation. The browser extension includes various features that will modify the default or custom settings of the browser including the home page, search settings and in some cases will modify Internet Explorer’s load time threshold, place a lock file within Firefox to prevent competing software from changing its settings as well as disable the browser’s Content Security Policy in order to allow for cross site scripting of the plugin.
Besides showing harmless ads, AdWare.Win32.InstallCore may also collect user specific information with or without the user’s consent. This infection sends the collected user information to a central server for the purpose of delivering targeted advertising.
You should always pay attention when installing software because often, a software installer includes optional installs, such as this AdWare.Win32.InstallCore browser hijacker. Be very careful what you agree to install.
Always opt for the custom installation and deselect anything that is not familiar, especially optional software that you never wanted to download and install in the first place. It goes without saying that you should not install software that you don’t trust.
eset antivirues
sorry i mean eset antivirus detect as a virus
(07-11-2015 09:24 PM)xiaofang Wrote: [ -> ]General
Alias:
Similar detection:
• TR/Downloader.Gen
Side effects:
• Downloads malicious files (TR/Downloader.A.16951 - false positive ) lol
Remove AdWare.Win32.InstallCore (Virus Removal Guide)
AdWare.Win32.InstallCore is a specific detection used by Microsoft Security Essentials, Emsisoft Anti-Malware and other antivirus products to indicate and detect an adware program.
AdWare.Win32.InstallCore is a program that contains adware, installs toolbars or will display pop-up advertisements on the computer.
AdWare.Win32.InstallCore it’s technically not a virus, but it does exhibit plenty of malicious traits, such as rootkit capabilities to hook deep into the operating system, browser hijacking, and in general just interfering with the user experience. The industry generally refers to it as a “PUP,” or potentially unwanted program.
The AdWare.Win32.InstallCore infection is designed specifically to make money. It generates web traffic, collects sales leads for other dubious sites, and will display advertisements and sponsored links within your web browser.
AdWare.Win32.InstallCore got on your computer after you have installed a freeware software (video recording/streaming, download-managers or PDF creators) that had bundled into their installation this browser hijacker. This Potentially Unwanted Propgram is also bundled within the custom installer on many download sites (examples: CNET, Brothersoft or Softonic), so if you have downloaded a software from these websites, chances are that AdWare.Win32.InstallCore was installed during the software setup process.
AdWare.Win32.InstallCore is an ad-supported (users may see additional banner, search, pop-up, pop-under, interstitial and in-text link advertisements) cross web browser plugin for Internet Explorer (BHO) and Firefox/Chrome (plugin) and distributed through various monetization platforms during installation. The browser extension includes various features that will modify the default or custom settings of the browser including the home page, search settings and in some cases will modify Internet Explorer’s load time threshold, place a hide file within Firefox to prevent competing software from changing its settings as well as disable the browser’s Content Security Policy in order to allow for cross site scripting of the plugin.
Besides showing harmless ads, AdWare.Win32.InstallCore may also collect user specific information with or without the user’s consent. This infection sends the collected user information to a central server for the purpose of delivering targeted advertising.
You should always pay attention when installing software because often, a software installer includes optional installs, such as this AdWare.Win32.InstallCore browser hijacker. Be very careful what you agree to install.
Always opt for the custom installation and deselect anything that is not familiar, especially optional software that you never wanted to download and install in the first place. It goes without saying that you should not install software that you don’t trust.
We use the Inno Setup install core (
http://www.jrsoftware.org/isinfo.php ), it will be detected by some anti virus program as potential danger. It think the false positive is because of some PPI (pay per install) companies that are also using Inno Setup, because it's one of the best setup cores out there.
Please analyse our setup file, our applications and our library's you will NOT find any adware, malware or virus!
If you can show me something else please prove it :).
Is after you have install. not before. after you have install your pc is a victim for adv and s--t.
test with a clean new installed computer and u will see what this soft do.
"use always moore computers" if you download from forum and other place . and test if false or positive. This soft is not nice.
so use Inno Setup Unpacker
http://sourceforge.net/projects/innounp/...t/download
and ...........
5 threats detected immediately in avast ...wtf
Thanks but no-thanks.....lol
(07-11-2015 10:58 PM)xiaofang Wrote: [ -> ]Is after you have install. not before. after you have install your pc is a victim for adv and s--t.
test with a clean new installed computer and u will see what this soft do.
"use always moore computers" if you download from forum and other place . and test if false or positive. This soft is not nice.
so use Inno Setup Unpacker http://sourceforge.net/projects/innounp/...t/download
and ...........
If you unpack the setup you will see all files that are necessary for the setup!
![[Image: 6KkEGE6.png]](http://i.imgur.com/6KkEGE6.png)
Backlink CheckR.exe - The main file
CS2PHPCryptography.dll - Used for our licensing system
ExceptioBase.dll - User for bug tracking
Net Seal Theme.dll - Theme
Settings.xml - Information for the updater
SmartThreadPool.dll - User for multi threading
Theambase.dll - Theme
Updater.exe - As the name said for updates
I also uploaded the file without setup on VT
https://www.virustotal.com/en/file/33a2c...436623883/ .
Guys I know there are many "black sheep's" on this forum BUT NOT ME!
We got over 55 downloads and NO ONE reported that there is any virus. The reason? Because this is a false positive!