Ewido - backweb - need ignore list

Today I found that Ewido has started to identify the backweb component of my F-Secure antivirus as spyware (some poor quality adware scanners etc pick this up as spyware - quality ones such as adaware do not - since it is not soyware) Is it possible to configure Ewido to ignore backweb (eg - is there an ignore list). Failing that, can the developers please remove backweb from the detection list since backweb is in no way spyware.

Cheers

 

If you are correct, this would be a false positive (FP) issue, not an exclusion issue. Ewido has given me more FPs than any other scanner I've ever used. Ever. And that's a lot of them.

Send the sample to Ewido Networks at this URL:
http://www.ewido.net/en/?section=malware

Or to this email address:
submit a..t ewido.net

But yeah, a whitelist feature is painfully lacking from Ewido. I put up with having NirSoft Protected Storage PassView flagged every time I do a scan, and it's quite annoying. (Just about every malware-detection utility I use also flags PSPV, because it's just such horrible malware... But at least all of the others let me exclude it.)

 

LOL--

Thats a big reason i did not choose f-secure .because of them using that god forsaken backweb!!

I'm glad ewido tagged it--because it is spyware--i don't care what f-secure has to say about it--i had sent them many e-mails in the past about that.

I also had some heated discussions on dsl reports about backwab,where most people think it is ok--but this company [backweb] made it's money with spyware and to me they will always be spyware!!


Goodluck with f-secure

 

Well, then it's a whitelist issue. I'm flexible!

 

Its not a false positive. It is a case that Ewido have chosen to add backweb to their detection list even though it is a perfectly legitimate and safe application.

I have solved the problem by removing Ewido from my system and telling everyone I know not to buy it.

 

yes, backweb is completely legitimate, like wildtangent from aol , give me a break.

it is said all over the web, backweb is not OK to have. giant has it too blacklisted, just like wildtangent it is considered spyware.

maybe you have AOL on your computer too

greetz

 

Yes, backweb is legitimate.

Are you telling me F-Secure corporation would use it if it were not.

There is no evidence in the real world that shows it to be anything other than safe and legit - not one single bit of evidence - FACT.

Its a shame that a small company like ewido have chosen to shoot themselves in the foot by failing to know which apps are safe and which are not.

Funny how Adaware SE Pro does not detect it.

Im sure Ewido will be telling people you can get pregnant from kissing next.

Anyhow they have just lost 3 sales. I mayself made the mistake of registering - but will be buying TDS in a moment.

 

Backweb is considered as:

http://www.liutilities.com/products/wintaskspro/processlibrary/backWeb/

http://www.cexx.org/dlgli.htm

quote: backweb is adware, companies are using backweb so they can have good discount on other services/products of backweb.

and cexx and liutilities are very respected vendors, highly regarded and I sure wouldn't want it on my machine...for a lot of other reasons anyway.


have a nice eve.

 

Having a fantastic eve thanks.

You are one of tha many who is sucked in to believeing any rubbish they are told.

We are all run by lizards. It must be true it says so here:

http://www.davidicke.com/icke/temp/reptconn.html

sssssssssssss

 

This is getting really ridiculous...

I totally agree with you that an ignore list is urgently required.
We are already working on it but unfortunately there are a lot other things that also need to be done.

Concerning BackWeb... The sample we got is also detected by KAV as "not-a-virus:AdWare.BackWeb.a" (at least with extended signatures)...
Unfortunately we didn't receive your sample so we can't comment on yours...

 

KAV is nuts with some detections, too. I don't understand why adware would be flagged at all. Adware is not the same as spyware. The KAV people don't even read their own descriptions for the extended database option they have.

 

To each his own----i will never have backweb on my computer--i had a hard time years ago deleting it off my computer--so in my mind they are scum!!

Blindly trust

 

personally I like KAV flagging everything that could possibly be considered as adware/spyware etc. - just because it gives me the choice to decide whether I want it or not. To me there is nothing wrong with having different opinons about backweb but not beeing informed about its existens by KAV or Ewido would be.
Ewido should just add this whitelist feature asap.

regards
qs

 

adware is not the same as spyware?

 

What I was talking about is the few KAV detections I have seen which don't fit in with Kaspersky's own description of what the "extended databases" are supposed to entail. I'm not going to argue about it here, so I will leave it at that.

Of course not. Adware is just software that shows you advertisements, to defray the costs of development, support, or other upkeep. It doesn't even necessarily need to connect out to do this. (But even if it does, it isn't necessarily "spyware".) Spyware is software the surreptitiously (i.e. behind your back) collects and transmits any sort of information about the user.

But, just like all trojans, worms, and other malware are now collectively referred to as "viruses", adware gets lumped in with spyware, to the extent that people voice violent opposition to even the most innocent adware.

I don't know why any supposed malware-detection utility would flag adware. At that rate, why not flag Internet Explorer, Mozilla, Firefox, Netscape, Opera, and every other web browser? After all, they do serve up advertisements imbedded in web pages, and--Ooooo...--some of those web pages use evil cookies!

 

"A different type of vicious programming has started to invade computers around the world. Spyware (sometimes called Adware) is uninvited software that is transferred to your computer without your explicit knowledge. It often piggybacks on software that you download from the Internet. Spyware causes erratic behavior in a computer that is very similar to the behavior caused by viruses. Often spyware is characterized by unusual windows popping up on your computer, but your computer can be infected by spyware even if there are no annoying pop ups. If your virus scan shows no viruses, but your computer is still acting weirdly, you should suspect spyware."

quote taken from a torrentspy.com

http://www.torrentspy.com/guides.asp?mode=display&id=11

 

And I could sometimes refer to the color "blue" as "green", but that wouldn't suddenly make them the same wavelength. Adware is not always spyware, period, end of paragraph.

 

It has been a couple of days since I submitted the files Ewido is picking up - and no feedback. In any case, all Ewido need to do is download the trial copy of F-Secure 5.43 and check to see that it is detecting that Backweb component as a nasty. Im not happy as I have paid for Ewido and right now Iam unable to use it.

 

Hi, Chris! When you say that you're not able to use EWIDO, I'm not sure I really understand what you mean:

Does EWIDO shut down F-Secure if you're running the ewido guard? Or just alert on BackWeb when you run a manual scan, or what?

IOW, is this an on-going, active irritation (multiple alerts while simply having EWIDO Guard active, or your F-Secure being interfered with/shut down) - or something you just see when you run a scan with EWIDO?

I know EWIDO has updated several times since you first posted - are you trying to run it again after each update to see whether the problem (if that's what it is) has been addressed?

Do you truly think that comments like:

and

are conducive to getting this problem resolved? Or having the developer get even mildly interested in helping you out with it? (just curious).

nameless -

.

That certainly hasn't been the case here - and I'm quite sure it isn't true for the majority of people who use EWIDO (were it, we'd have heard from a lot more people than just you with comments like that).

One can only imagine how much stuff on your computer must have the capability of setting off an alarm - but I'm sure your notifications of these F/P's to EWIDO have helped everyone, so thank you.

Yes, a "whitelist" or "exclusion" list is certainly needed (and will be provided eventually, I'm sure) - but until that happens, I'm not seeing this as being anything other than a minor annoyance, if that.

Of course, I'm not getting any of these pesky F/P's . Pete

 

If that's true, the Ewido folks have something to correct in this list below.

Best reagds,
Firefighter!

 

I ran Ewido (most recent update) against F-Secure Client Security & Internet Security both and it never picked up backweb. Maybe the stand alone AV has a different implementation of backweb?

Edit: I do agree that an exclude list would be nice.

 

What I mean by I cant use it is that every time I boot up ewido tries to kill the Backweb component of F-Secure. Is a total pain and requires several minutes of playing about to get it to start. I have removed Ewido. It is a shame they wronly identify safe apps as dangerous. F-Secure is the best antivirus out there and Ewido are fools to pretend that F-Secure corporation would have any dodgy components in their software. Im highly irritated that there is no white list, that Ewido do not get back to me and that I have registered for this second rate product. I will do all I can to spread the word about their service and inability to identify unsafe apps. Ewido, jeep my money - you can poke your antitrojan. TDS are going to ber getting 4 new orders this week. One from me and 3 from people I know who were going to buy Ewido. Well done Ewido, you have detected a safe app and lost money because your service stinks.

 

I think f-secure are fools to use backweb to update.Because of that they will never see a penny of mine.

D o a search in history and see how backweb made all there money.F-secure is one of the best antivirus programs on the market--my only Grievance is with backweb!

As for ewido,there one of the best trojan programs on the market and thats saying alot for a new company.

 

You or 1000 people not buying F-Secure will make no difference to them as they are so big. Half a dozen people not buying Ewido will hurt them.

 

ChrisP,

If your target is to hurt any people then start a "ten-forward" issue and we will watch how long the mods will keep it alive.

Gerard