Backdoor.Win32.Rbot.gen Backdoor
namsilat
October 1st, 2006, 11:06 AM
I'd like to know if Ewido detects "Backdoor.Win32.Rbot.gen Backdoor" and, if so, when this was added to the database. I used Ewido to scan my system regularly, and this one was not detected in regular or safe mode for months. It was recently discovered when I tried CounterSpy, and the file creation date of the infected file was months ago. I am trying to keep an open mind but I am extremely unhappy with this. I recognize no software is perfect in detecting all trojans, but a reputable software such as Ewido should be capable of detecting such a serious threat.
illukka
October 1st, 2006, 12:15 PM
I'm almost positive that it's a CounterSpy false positive rather than a miss by Ewido.
What file is detected?
To verify if it really is a backdoor, use the Ewido file submission form at http://www.ewido.net/en/malware/ to send a sample of the file.
You may also want to contact CounterSpy about it, if it turns out to be a false positive.
ASpace
October 1st, 2006, 12:17 PM
Hi!
-{ Quote: "I'd like to know if Ewido detects "Backdoor.Win32.Rbot.gen Backdoor" and, if so, when this was added to the database." }-
First, the above is a generic detection for some trojan backdoor. Ewido might or might not have a generic detection for this trojan horse.
-{ Quote: "I used Ewido to scan my system regularly, and this one was not detected in regular or safe mode for months. It was recently discovered when I tried CounterSpy, and the file creation date of the infected file was months ago." }-
And since it is a generic detection, it is possible it was a false positive.
-{ Quote: "I am trying to keep an open mind but I am extremely unhappy with this. I recognize no software is perfect in detecting all trojans, but a reputable software such as Ewido should be capable of detecting such a serious threat." }-
As you know, there is no 100% successful software, so here is a suggestion for the next time you meet something like this:
Before deleting something detected by a software, submit it to VirusTotal (http://www.virustotal.com) to see the results for it. Then VT will submit the sample to all vendors that don't detect anything in this file. You can then only wait, or manually submit to any vendor you like. Ewido's email is submit@ewido.net
TopperID
October 1st, 2006, 12:18 PM
The nomenclature of malware will vary from company to company, but what exactly did CounterSpy find? What was the file and file path?
Edit - it seems I was typing as others were posting :P
namsilat
October 1st, 2006, 05:34 PM
The file was TEMP.EXE, found in system32 of the Windows directory, with a file creation date in May of this year. Unfortunately I already deleted the file. I thought about keeping it, but as you may understand, I was extremely uncomfortable leaving that file on my system. Nothing would make me happier than to see this as a false positive. To be fair to Ewido, no other programs I used prior to CounterSpy found this problem; that includes Ad-Aware SE, Spybot, Symantec antivirus, and Windows Defender.
Copyright ©2002 - 2012, Wilders Security Forums