False Positive? Adware.Gdown with AOL?

Discussion in 'ewido anti-spyware forum' started by Jimbo40, Jun 24, 2006.

Thread Status:
Not open for further replies.
  1. Jimbo40
    Offline

    Jimbo40 Registered Member

    This morning I ran an update and found the following:


    c:\program files\common files\AolCoach\en_eng\GTDownAO_106.ocx

    Adware.Gdown.


    Legit or FP?
  2. ericfr
    Offline

    ericfr Registered Member

    Good question. :)

    Have you tried to upload it to e.g. Jotti.

    Regards
    ericfr
  3. Jimbo40
    Offline

    Jimbo40 Registered Member

    No i haven't uploaded it. Based on Ewido's response time it would probably be sometime next year until I heard back from them. This type of support is poor.
  4. gerardwil
    Offline

    gerardwil Registered Member

    http://virusscan.jotti.org/
  5. Jimbo40
    Offline

    Jimbo40 Registered Member

    Thanks for the site-great to bookmark...all found nothing except

    Dr.Web Found Adware.Gdown
  6. vinzenz.ewido
    Offline

    vinzenz.ewido former ewido team

    Please send this file to submit@ewido.net so that we can check it and put it on the whitelist.

    Thank you.
  7. OldRebel
    Offline

    OldRebel Registered Member

    I just did a fresh install of the AOL software and Ewido 4.0 yesterday. The Ewido scan yesterday did not detect this, but today it did.
    ---------------------------------------------------------
    ewido anti-spyware - Scan Report
    ---------------------------------------------------------

    + Created at: 6:05:54 PM 6/24/2006

    + Scan result:



    C:\Program Files\Common Files\AolCoach\en_en\GTDownAO_106.ocx -> Adware.Gdown : No action taken.
    C:\Program Files\Common Files\aolback\Comps\coach\aolcinst.exe/core.cab\GTDOWNAO_106.ocx -> Adware.Gdown : No action taken.


    ::Report end

    I'm laughing because I know AOL uses adware or consumerware. I just don't know if this is the right file to detect as adware. I wonder if the AOL software will work without ito_O
  8. aigle
    Offline

    aigle Registered Member

    BTW, I also have a false positive, can I submit it directly from Ewido 4? how?
  9. vinzenz.ewido
    Offline

    vinzenz.ewido former ewido team

    No, unfortunately it is not possible. But a nice idea. ^^
    I'll take a look if we can add such a feature in a later version (some time)

    :)

    BR
  10. lee_rice
    Offline

    lee_rice Registered Member

    6/25/2006 Past couple days need to repeat restores to connect internet:
    AVG free does not find virus:

    Long ago removed AOL down to pesky remnants; so I wondering if is safe or needed to remove the whole archive where ewido found 4 instances of Gdown and does whole archive imply auto removal of entire C:\ DocumentsandSettings\AllUsers\Application\Data or just the AOL part.

    Have not been creating new restore point because, ewido gives this warning: cannot remove embedded in archive: C:\DocumentsandSettings\AllUsers\Application\Data\Aol\Downloads\
    aolcom_setupSTUS\comp\coach\aolcinst.exe
    Then showed guestion: Do you want to remove the whole archive?

    ewido also found and cleaned TrackingCookie.Tacoda: Mzilla.32 in C:\Documentsandsettings\(MyID)\Application\Data\Mozilla\Firefox\Profiles\5ma60635.default\cookies.txt

    As before after this mornings restore, AdAware repaired couple of note pad vendibilities:
    obj[0]=RegData: regfile\shell\open\command ""
    obj[1]=RegData: scrfile\shell\open\command ""
    Last edited by a moderator: Jun 25, 2006
  11. MikeW2
    Offline

    MikeW2 Registered Member

    Yes The AOL program will work fine. The coach is only required if you want to use their 'computer check-up' program. Hope this helps
Thread Status:
Not open for further replies.