My friend did an online scan with www.ravantivirus.com. It detected in C:\Program Files\Common files\Webroot Shared\Internet.dll the following threat: Backdom:win32/Ferat1_0.
Because my computer has more security programs, I copied her Webrootfolder to my computer and let my securityprograms run a scan.
But neither TDS-3, Boclean, TrojanHunter, Trojanremover, eTrust, Kaspersky online, Norton 2004,... found any suspicious file. However, when i do an online ravantiscan, it find it on my computer too.
I already send an email to Ravanti but haven't got a reply yet.
Could this be a false positive?

To Diamond CS: is it alright that i submit this file to you?

Hi there Ronny,
can you please be so kind as to send a copy of the file to submit@diamondcs.com.au too for advice?
It might be a false positive, of course, but those only excist after Gavin examined them!

-{ Quote: "Hi there Ronny,
can you please be so kind as to send a copy of the file to submit@diamondcs.com.au too for advice?
It might be a false positive, of course, but those only excist after Gavin examined them!" }-
Ok i did. Was hoping you would ask me ;D
( I am a little afraid to bother Diamondcs with perhaps false positives, you know ;) )

No, not at all, Gavin is not on any anti-submitting diet yet, you keep them coming those files!

Again Diamondcs did it: they set my mind at rest :) :
"Yes this is definitely a false alarm and you should submit the file to them so they can fix it."
What a company, thanks again!

I wish i could say that also of www.ravantivirus.com because i FIRST submitted the "suspicious" file to them but haven't got an answer yet...but perhaps my judgement is a bit harsh , let's wait a bit longer.

But although it is perhaps inevitable, those "false positives" are a real nightmare.
Why is it for some companies so difficult to avoid them?
Sorry no offence :-[ .

think that question can best be answered by the tech guys. It must have to to with having the definitions too general.
It might corrected the databases in the meantime --which you can only find out by a new scan and did not take time to thank you.
They must get hundreds of samples a day.
Glad it is a false positive! Congratulations with that find!