As we will soon release an updated version of our database, it would be very nice if some of you could do some testscans to check for false positives... :)

The setup contains the new database, it will delete all old signatures, install the new database and disable the automatic updates (if enabled). This is because as soon as you run an update, the beta database will be replaced with the current database. Therefore, if you want to switch back to the current database after testing, the only thing you have to do is to enable the automatic updates again or manually run an online-update.

http://download.ewido.net/ewido-beta-signatures.exe

This database is only for false positive testings. It should NOT be used for any other purpose. You should IGNORE everything that has been found and NOT clean/delete any of the detected files.

It would be nice if you could post a scan log in this thread so we can select possibly false positives for submission.

Thanks a lot :)

Hi Pete,

Installed 1000.dat (German lang).
Will let you know whats coming up.
Best regards,

gerard

Hi,

Scanlog:

---------------------------------------------------------
ewido anti-malware - Scan report
---------------------------------------------------------

+ Created on: 22:43:16, 4-2-2006
+ Report-Checksum: 34A0B650

+ Scan result:

HKU\S-1-5-21-3421531514-2068777321-1300136471-1006\Software\Maxthon -> Adware.CramToolbar : Ignored
HKU\S-1-5-21-3421531514-2068777321-1300136471-1006\Software\Maxthon\Dync -> Adware.CramToolbar : Ignored
:mozilla.31:C:\Documents and Settings\my name\Application Data\Mozilla\Firefox\Profiles\2699jbch.default\cookies.txt -> Spyware.Cookie.Com : Ignored
:mozilla.33:C:\Documents and Settings\my name\Application Data\Mozilla\Firefox\Profiles\2699jbch.default\cookies.txt -> Spyware.Cookie.Com : Ignored


::Report End

In the attached status you'll see 7 items, but three I had already.
Regards,

Gerard

Hi Peter:

Here is my scan Report!! Over 600,000 Objects Scanned!

---------------------------------------------------------
ewido anti-malware - Scan report
---------------------------------------------------------

+ Created on: 9:17:52 PM, 04/02/2006
+ Report-Checksum: B0876D4D

+ Scan result:

C:\Documents and Settings\My Name\Cookies\My Name @atdmt[2].txt[/email] -> Spyware.Cookie.Atdmt : Ignored
C:\Documents and Settings\My Name\Cookies\My Name @targetnet[1].txt[/email] -> Spyware.Cookie.Targetnet : Ignored
C:\Documents and Settings\My Name\Cookies\My Name @tribalfusion[2].txt[/email] -> Spyware.Cookie.Tribalfusion : Ignored


::Report End

Cheers,

Hey Peter,

Heres my log.

---------------------------------------------------------
ewido anti-malware - Scan report
---------------------------------------------------------

+ Created on: 8:26:25 PM, 2/4/2006
+ Report-Checksum: 2052BFE8

+ Scan result:

:mozilla.46:C:\Documents and Settings\My Name\Application Data\Mozilla\Firefox\Profiles\ggbpxczv.default\cookies-1.txt -> Spyware.Cookie.Burstnet : Ignored
:mozilla.47:C:\Documents and Settings\My Name\Application Data\Mozilla\Firefox\Profiles\ggbpxczv.default\cookies-1.txt -> Spyware.Cookie.Burstnet : Ignored
:mozilla.52:C:\Documents and Settings\My Name\Application Data\Mozilla\Firefox\Profiles\ggbpxczv.default\cookies-1.txt -> Spyware.Cookie.Burstbeacon : Ignored


::Report End

---------------------------------------------------------
ewido anti-malware - Scan report
---------------------------------------------------------

+ Created on: 22:14:25, 2/4/2006
+ Report-Checksum: 715D8103

+ Scan result:

E:\WINDOWS\Downloaded Program Files\popcaploader.dll -> Not-A-Virus.Downloader.Win32.PopCap.b : Ignored


::Report End

Here you have my report:
---------------------------------------------------------
ewido anti-malware - Scan report
---------------------------------------------------------

+ Created on: 12:01:21, 05-02-2006
+ Report-Checksum: E0B45DCB

+ Scan result:

HKU\S-1-5-21-484763869-1993962763-854245398-1003\Software\Maxthon -> Adware.CramToolbar : Ignored
HKU\S-1-5-21-484763869-1993962763-854245398-1003\Software\Maxthon\Dync -> Adware.CramToolbar : Ignored
C:\Program Files\NOD32\infected\2YUZAVCA.NQF -> Worm.NetSky.d : Ignored
C:\Program Files\ScreenshotCaptor\KeyHook.dll -> Trojan.Mulin.a : Ignored
D:\Software\Internet\E-mail\Mail PassView 1.34.zip/mailpv.exe -> Not-A-Virus.PSWTool.Win32.MailPassView.130 : Ignored
D:\Software\Multimedia\Graphic\Graphic Capture\Screenshot Captor 2.11.01 beta.rar/ScreenshotCaptorSetup.exe/KeyHook.dll -> Trojan.Mulin.a : Ignored
D:\Software\Security\Anti-Malware\Trojan Simulator.zip/TrojanSimulator.exe -> Not-A-Virus.Test.TrojanSimulator : Ignored
D:\Software\Security\Anti-Malware\Trojan Simulator.zip/TSServ.exe -> Not-A-Virus.Test.TrojanSimulator : Ignored
D:\Software\System\OS Enhancements\Protected Storage PassView 1.61.zip/pspv.exe -> Not-A-Virus.PSWTool.Win32.PassView.a : Ignored
D:\Software\System\System Miscellaneous\RockXP 3.0.zip/RockXP 3.0.exe/xpkey.exe -> Not-A-Virus.PSWTool.Win32.RAS.a : Ignored
D:\Software\System\System Miscellaneous\RockXP 3.0.zip/RockXP 3.0.exe/keyms.exe -> Not-A-Virus.PSWTool.Win32.RAS.a : Ignored
D:\Software\System\System Miscellaneous\RockXP 3.0.zip/RockXP 3.0.exe/RAS.exe -> Not-A-Virus.PSWTool.Win32.RAS.a : Ignored


::Report End

This probably won't help that much, but the signatures detected nothing :thumb: . Here is my report:

---------------------------------------------------------
ewido anti-malware - Scan report
---------------------------------------------------------

+ Created on: 1:49:32 PM, 2/5/2006
+ Report-Checksum: 2EDDD5A0

+ Scan result:

No infected objects found.


::Report End

From my system:
WinXP Pro 2, EZArmor, AdAware, a2, SpyBot

---------------------------------------------------------
ewido anti-malware - Scan report
---------------------------------------------------------

+ Created on: 05:14:42, 2/7/2006
+ Report-Checksum: CC3F97D4

+ Scan result:

HKU\S-1-5-21-436374069-1965331169-1801674531-1003\Software\Maxthon -> Adware.CramToolbar : Ignored


::Report End

No False positives after beta scan :(

Poor Bubba ;D
In the meantime, the sigs have been released as final, thanks all for testing :)

{QUOTE-> Poor Bubba ;D
In the meantime, the sigs have been released as final, thanks all for testing :) <-QUOTE}

I actually did another scan but it only still picked up cookies :P

Any more beta signatures?