• AnyStream is having some DRM issues currently, Netflix is not available in HD for the time being.
    Situations like this will always happen with AnyStream: streaming providers are continuously improving their countermeasures while we try to catch up, it's an ongoing cat-and-mouse game. Please be patient and don't flood our support or forum with requests, we are working on it 24/7 to get it resolved. Thank you.

AnyDVD 8.1.4.0 - infected by a virus/malware or not?

Topic moved, that said false positive. Looks like they still haven't updated their definitions after 8130 DNS poisoning attack 2 weeks ago. The search will tell you the same.

Verstuurd vanaf mijn Nexus 6P met Tapatalk
 
Hi Ch3vr0n,
Malwarebytes Premium Version 3.1.2.1733 doesn't found any threat..?

Greats Hollowdobby
 
Add ESET to the growing list of security software blocking downloading of the legit AnyDVD setup file from RedFox's site. :mad:

Regardless, the legit file hosted on the actual RedFox servers is clean. If you question if it's still legit then check the digital signature.

Edit: I use Malwarebytes although from the transition from v2 to v3 I am growing fed up with the lack of stability and reliability. I get a lot of annoyings warnings from some of my legit software (ie Raxco PerfectUpdater) and I swear that they've intentionally made creating exclusions harder to accomplish in v3.
 
DrinkLyeAndDie said:
sI use Malwarebytes although from the transition from v2 to v3 I am growing fed up with the lack of stability and reliability. I get a lot of annoyings warnings from some of my legit software (ie Raxco PerfectUpdater) and I swear that they've intentionally made creating exclusions harder to accomplish in v3.
Click to expand...

I did the same thing after this (RF DNS poisoning/wannacry) started. Did you just update to V3? Or did you use the 'clean tool' & install fresh? I did the latter, & it's been smooth sailing... surprising after all I'd read to the contrary.
 
Last edited:
<OFF-TOPIC>

d00zah said:
I did the same thing after this (RF DNS poisoning/wannacry) started. Did you just update to V3? Or did you use the 'clean tool' & install fresh? I did the latter, & it's been smooth sailing... surprising after all I'd read to the contrary.
Click to expand...

Clean install of v3 on a clean install of Windows 10 Creators Update. Had issues with clean v3 install on my old system, too.

My issues with Malwarebytes are a mix of it still not being what I consider ready for public consumption and design changes. I could swear you could create exclusions from the detection warning in the past. I can't do that with v3. Plus RAM usage is still higher than it should, sometimes it still deactivates part of itself and tells you to activate it but it won't and a reboot is required, etc.

Don't get me wrong the newest refresh of the latest version with an updated component module is getting better but Malwarebytes pulled a Microsoft with the v3 release making everyone into beta testers.

Annoyed at the nags to update from v2 to v3 on an older laptop that I "maintain" for someone. v2 works great even given its age and it runs Creators Update just fine but v3 of Malwarebytes makes it crawl. So, I dumped Malwarebytes on that system.

Lucky for me that I have a bunch of old lifetime Malwarebytes licenses. As it stands I wouldn't pay them for a subscription. They need to get their act together.

</OFF-TOPIC>
 
Firefox claims the 8.1.4.0 download to be infected as well. I don't have any virus scanners installed as Firefox add-ons, so I assume this is a service baked into Firefox. I'm running 32bit Firefox 53.0.3 on Win7.

The virus warning led me to a Google search which lead me here. I'm happy to know it's a false positive.
 
Except for Chrome, I'm unaware of any browsers actually doing the blocking. It's usually an AV/firewall package. Independent of Firefox, do you have any AV products installed?
 
A little reading on how Google Chrome and Mozilla Firefox decide sites are unsafe, etc:

Google Chrome: https://www.google.com/transparencyreport/safebrowsing/faq/?hl=en
Mozilla Firefox: https://support.mozilla.org/en-US/kb/how-does-phishing-and-malware-protection-work

Both Google and Mozilla have supported/partnered with the non-profit StopBadware (https://www.stopbadware.org/about) which has been around since at least 2007. This is on top of anything else they may individually use in compiling, maintaining, etc, a database of unsafe sites.
 
Thanks, I was aware of that function, but asked because if Avast is not active, FF allows the download for me despite having this active in FF. I've posted links to a 'virustotal' analasis that seems to indicate that currently, only Sophos & ESET (IIRC) deem the download link malicious (out of 60+). Avast is not mentioned, so I imagine they leverage either/both? Anyway, it's not FF doing the blocking.
 
I don't have any virus scanners/blockers active on my Win7 install (even if I probably should). Firefox did allow the download, but only after I manually clicked out of the warning. That makes sense given how the partnership with StopBadware that DrinkLyeAndDie described. I wasn't aware of that until now.
 
Just wanted to add a bit about ESET. It turns out this isn't a "virus" issue.

It turned out to be the Web Access Protection module. I disabled Web Access Protection, downloaded the file, scanned it, and ESET said it was clean. Somehow this link was just added to a blacklist of links, not a virus database. There is no mention of a virus of any kind on ESET's virus catalog referring to a legit Redfox AnyDVD HD release. The results that do show up are obviously sketchy like "AnyDVD HD v.6.3.1.8 Beta incl crack.exe".

ESET Virus Catalog: http://www.virusradar.com

I submitted this issue to ESET requesting they review the link and letting them know this is a legit company and the software is legit. Hopefully it will get resolved.
 
Last edited:
With Avast, it was their 'Reputation service' causing issues. The download (past the DNS poisoning) always scanned clean after download.
 
On a brighter note, 8.1.5.0 downloaded without any notification of any kind for me.

EDIT: I wonder if the blacklisting of 8.1.4.0 was troll related, or a previous hater of SlySoft going after RedFox in a petty way?
 
Last edited:
That makes sense ... I have a general understanding of DNS and the idea of poisoning a DSN server, and what that means. I'll keep an eye out to see if I can help spot any future weirdness like this.

As for DNS caching, it may not always actually be a DNS server. There is a DNS cache service on every windows machine since Windows 7 for sure (maybe XP, but it's been a while, so don't quote me on that). I always disable this DNS cache service since it provides little benefit for the supposed "speed up" that was intended.

Apart from actual DNS servers, I'm not sure how often the DSN service on Windows actually refreshes it's DNS cache. So the previous incident on 8.1.3.0 may have actually been resolved much quicker then perceived due to local DNS caches being poisoned.

I actually didn't end up downloading 8.1.3.0 just from being to busy. By the time I got around to updating it was 8.1.4.0, so I guess I missed that excitement :)
 
You must log in or register to reply here.
Back
Top