Knowledge Base support case for AllWebMenus, abstracted and stripped of all user’s private info.


Initial Email From: John
Initial Email Subject: Security Breach
Support Case Month: April 2012

HI,

Downloaded and installed your upgrade to New Likno AllWebMenus #890.

The setup, allwebmenussetup.exe, created a file, regsvr32, that was identified as a high threat to my laptop.

Here is the data reported by Nortons:

Full Path: Not Available
____________________________
____________________________
On computers as of 4/25/2012 at 3:31:59 PM
Last Used 4/25/2012 at 3:31:59 PM
Startup Item Yes
Launched Yes
____________________________
____________________________
Very Few Users
Fewer than 5 users in the Norton Community have used this file.
____________________________
Very New
This file was released less than 1 week ago.
____________________________
High
This file risk is high.
____________________________
Threat Details
SONAR Protection monitors for suspicious program activity on your computer.
____________________________

Source File:
allwebmenussetup.exe

File Created:
regsvr32.exe
____________________________
File Actions
File: {PATH REMOVED}
Removed
Event: Running process: {PATH REMOVED}
Terminated
____________________________
Startup Actions
{PATH REMOVED} (Performed by {PATH REMOVED}, PID:1168)
No action taken
{PATH REMOVED} (Performed by {PATH REMOVED}, PID:4420)
No action taken
____________________________
System Settings Actions
Event: Process start (Performed by {PATH REMOVED}, PID:1976)
No action taken
____________________________
File Thumbprint - SHA:
Not Available
____________________________
File Thumbprint - MD5:
Not Available
____________________________

Please take immediate action to notify the authorities and clear the files you are requesting us to download.

 

Thanks,

John



Reply From: Likno Customer Support

Dear John,

We always scan our installers with several antivirus products before uploading them, and I can assure you that the current version is also clean.

Here is a new scan I just did in “virustotal”:

https://www.virustotal.com/file/bb72ec07b64505c741d5817bd09e64926b3090dd8b882078437d30beb24b1fee/analysis/1335436873/

Did you download this from our own download page, or from a different server/site?

Regards,
Kostas
Likno Customer Support
www.likno.com
Create any type of javascript menu (CSS menu, drop-down menu, sliding menu), button, html tree, modal window, tooltip, accordion, tab, scroller, jQuery slider) or design for your websites!

Reply From: Likno Customer Support

Dear John,

We can now fully confirm (after contacting Symantec) that this was indeed a false-positive and will be corrected in the next definitions update of your antivirus.

For now, you can turn Sonar off while you install AllWebMenus.

Thank you for letting us know regarding this issue, so that we could contact Symantec in turn and fix the problem for all our users.

Regards,
Kostas
Likno Customer Support
www.likno.com
Create any type of javascript menu (CSS menu, drop-down menu, sliding menu), button, html tree, modal window, tooltip, accordion, tab, scroller, jQuery slider) or design for your websites!