Hello,

I would like your opinion about whether or not the Frostwire installer is Adaware known as OpenCandy?

The Microsoft Malware Protection Center (MMPC) has investigated the following file(s) which we received on 2/15/2011 11:55:57 AM Pacific Time.

Below is the determination for your submission.

========
Submission ID MMPC11021551483986

Submitted Files

frostwire-4.21.3.windows.exe [Adware:Win32/OpenCandy]

Microsoft Security Essentials and Windows Defender detects it, I submitted a false positive report to Microsoft, but they still think it is Malware, they gave me this link:

http://www.microsoft.com/security/portal/Threat/Encyclopedia/Entry.aspx?name=Adware:Win32/OpenCandy

They detected the newer and older installer from the Frostwire official website:

http://www.frostwire.com/

Download Mirror:

http://www.brothersoft.com/d.php?soft_id=62030&downloader=no&url=http%3A%2F%2Fusfiles.brothersoft.com%2Finternet%2Fp2p_file_sharing%2Ffrostwire-4.21.3.windows.exe

Official Website Reports:

http://siteinspector.Comodo.com/taskreport/?uid=2465

http://www.urlvoid.com/scan/frostwire.com

http://www.virustotal.com/url-scan/report.html?id=3bc85116bcd3151c3d80cb447bcc1aca-1297813526

http://www.virustotal.com/file-scan/report.html?id=f8796c5a261ebf2c78d1d0383efc0140b9d1763894e565a1d6564bc98b73506b-1297817134

http://anubis.iseclab.org/?action=result&task_id=18db9982b3d1df724251ef2aa80747ad6&format=html

http://www.mywot.com/en/scorecard/frostwire.com

http://safeweb.norton.com/report/show?url=http%3A%2F%2Fwww.frostwire.com%2F

Download Mirror Website Reports:

http://siteinspector.comodo.com/taskreport/?uid=2466

http://www.urlvoid.com/scan/brothersoft.com

http://www.virustotal.com/url-scan/report.html?id=8d3257c2e0e42d79bfbceac765436d4e-1297815148

http://www.virustotal.com/file-scan/report.html?id=aef06d45f4aa73a6abfffc159c2635911666e7bd25ff42ddbf8a9c5ce9dea26f-1297818753

http://anubis.iseclab.org/?action=result&task_id=1cd0bdd924beb0764653b21368c78ad4e&format=html

http://www.mywot.com/en/scorecard/brothersoft.com

http://safeweb.norton.com/report/show?url=http%3A%2F%2Fwww.brothersoft.com%2Fdownload-frostwire-62030.html

File Reports:

Frostwire 4.21.3

7.92mb

MD5 : 2398c8279f8dee6d771615eb7688b2ed

http://www.virustotal.com/file-scan/report.html?id=bd3964ee028104cf61d4ac6e20d6c5ad7eb2fad8cde193a74a5d9543e7969657-1297816735

http://camas.Comodo.com/cgi-bin/submit?file=bd3964ee028104cf61d4ac6e20d6c5ad7eb2fad8cde193a74a5d9543e7969657

http://anubis.iseclab.org/?action=result&task_id=130d2687d70d8a974a9cb1e21527a3b60&format=html

Thank you,
-John Jr

That is something that really should be addressed to MSE.

Yeah, I did (As already stated in my post cough ), they still think it is malware.

So I am reporting it here and several other places since most of them do not detect it, in case it really is malware like they think; so I wanted to get other opinions and if it turns out to be true, then Yall will have a new threat to add to your database.

I am just trying to do my part in the War Against False Positives And Malware, and help the Anti-Malware Community in General.

Thank you for responding though.

Well if they are basing it on the same reason as McAfee, the Ask Toolbar, it is somewhat of a harsh decision as it is an option that can probably be declined, assuming it is in Frostwire (which I don’t use).

The other thing is are you using MSE and avast on the same system, as two resident AVs is one too many.

No, I am not currently using Avast or Microsoft Security Essentials.

I am currently using AVG Free (I am testing it ) and Windows Defender.

But if that is the reason for the detection, then yes, it is a harsh decision; I am no Expert, so I will let Yall Examine it or whoever the Experts are.