I also use WeatherBug. It is the official weather station for Verizon ISP also among other large companies and radio stations and schools and TV stations. It is clean.
I have been unable to contact the Weatherbug personnel due to the site being busy; however I did have another tech download and install the program and no alerts were given that malware was detected. The tech also sent the file through VirusTotal and it came up clean there as well.
The matter is still being investigated; if a phishing site for Weatherbug has been established then it must be shut down.
According to what I have been informed of; the program Weatherbug is not in any way a malicious one. If your Norton product is detecting malware in the file download then it is quite possible it did not come from the official site for the software. I would recommend that if you have the file on your computer that is causing this report that you submit the file (according to the proper method for your product) for analysis; this will either confirm or deny the malware's existence.
However, I have had several colleagues who even sent the file (that they receive from the official Weatherbug website) through VirusTotal and there isn't any malware detected.
Which leads me to believe that at this time the official version of the program is clean and that the possibility that a false positive exists within certain security programs.
Also please be aware that if you have malware on your computer, it can attack any file on your computer and therefore make it seem as if it is the weather bug program that is the cause of the infection when it may have been the victim of the malware.
I appreciate your reply, but I’m not sure I totally understand it. However, I deleted weatherbug from my machine and all files with the word “weatherbug” any where in them (cookies and such), then I ran regedit and removed any mention of weatherbug from the registry. Then I rebooted my machine. I then went to the weatherbug website and downloaded the program. Installed it and ran it. As part of the installation, it asks for your email, name and zip code. It can’t get your weather until you give it a zip code. While still completing that form and before actually getting my weather, Endpoint gave me yet another message. The Client Management Log says: [SID: 23974] HTTP Fragus Toolkit Request 1 detected. Traffic has been blocked from this application: C:\Program Files (x86)\AWS\WeatherBug\Weather.exe The back trace says the remote host IP Address is 195.189.226.193 whose name is 193.226.189.static.server.ua Whois has no information on the address. What does that mean I am supposed to do? Is Symantec detecting the wrong this or is my system somehow corrupted or is the file from Weatherbug reflecting a recent change?
Its partially related. The bleepus warning is thrown up by Norton because of a malicious ad or something on the website is matching the signature. Plus, I have tried the Windows live gallery version and it seems pretty safe. Also, if you have vista or 7, the weather gadget perform the same job as the weatherbug, but alas it does not warn you of severe weather.
I'm not quite sure whether the file is safe or not. You can upload the setup file to virus total (www.virustotal.com) to see what other AV company says. I only know that the windows gadget is safe but can't gurantee the safety of the desktop tool.