Ewido - backweb - need ignore list

Discussion in 'other anti-trojan software' started by ChrisP, Nov 29, 2004.

Thread Status:
Not open for further replies.
  1. ChrisP

    ChrisP Suspended Member

    Joined:
    Jun 6, 2003
    Posts:
    447
    Location:
    UK
    Today I found that Ewido has started to identify the backweb component of my F-Secure antivirus as spyware (some poor quality adware scanners etc pick this up as spyware - quality ones such as adaware do not - since it is not soyware) Is it possible to configure Ewido to ignore backweb (eg - is there an ignore list). Failing that, can the developers please remove backweb from the detection list since backweb is in no way spyware.

    Cheers
     
  2. nameless

    nameless Registered Member

    Joined:
    Feb 23, 2003
    Posts:
    1,184
    If you are correct, this would be a false positive (FP) issue, not an exclusion issue. Ewido has given me more FPs than any other scanner I've ever used. Ever. And that's a lot of them.

    Send the sample to Ewido Networks at this URL:
    http://www.ewido.net/en/?section=malware

    Or to this email address:
    submit a..t ewido.net

    But yeah, a whitelist feature is painfully lacking from Ewido. I put up with having NirSoft Protected Storage PassView flagged every time I do a scan, and it's quite annoying. (Just about every malware-detection utility I use also flags PSPV, because it's just such horrible malware... But at least all of the others let me exclude it.)
     
  3. BrainWarp

    BrainWarp Registered Member

    Joined:
    Aug 26, 2004
    Posts:
    287
    LOL--

    Thats a big reason i did not choose f-secure .because of them using that god forsaken backweb!!

    I'm glad ewido tagged it--because it is spyware--i don't care what f-secure has to say about it--i had sent them many e-mails in the past about that.

    I also had some heated discussions on dsl reports about backwab,where most people think it is ok--but this company [backweb] made it's money with spyware and to me they will always be spyware!!


    Goodluck with f-secure
     
    Last edited: Nov 29, 2004
  4. nameless

    nameless Registered Member

    Joined:
    Feb 23, 2003
    Posts:
    1,184
    Well, then it's a whitelist issue. I'm flexible! :)
     
  5. ChrisP

    ChrisP Suspended Member

    Joined:
    Jun 6, 2003
    Posts:
    447
    Location:
    UK
    Its not a false positive. It is a case that Ewido have chosen to add backweb to their detection list even though it is a perfectly legitimate and safe application.

    I have solved the problem by removing Ewido from my system and telling everyone I know not to buy it.
     
  6. Infinity

    Infinity Registered Member

    Joined:
    May 31, 2004
    Posts:
    2,651
    yes, backweb is completely legitimate, like wildtangent from aol , give me a break.

    it is said all over the web, backweb is not OK to have. giant has it too blacklisted, just like wildtangent it is considered spyware.

    maybe you have AOL on your computer tooo_O :D

    greetz
     
  7. ChrisP

    ChrisP Suspended Member

    Joined:
    Jun 6, 2003
    Posts:
    447
    Location:
    UK
    Yes, backweb is legitimate.

    Are you telling me F-Secure corporation would use it if it were not.

    There is no evidence in the real world that shows it to be anything other than safe and legit - not one single bit of evidence - FACT.

    Its a shame that a small company like ewido have chosen to shoot themselves in the foot by failing to know which apps are safe and which are not.

    Funny how Adaware SE Pro does not detect it.

    Im sure Ewido will be telling people you can get pregnant from kissing next.

    Anyhow they have just lost 3 sales. I mayself made the mistake of registering - but will be buying TDS in a moment.
     
  8. Infinity

    Infinity Registered Member

    Joined:
    May 31, 2004
    Posts:
    2,651
  9. ChrisP

    ChrisP Suspended Member

    Joined:
    Jun 6, 2003
    Posts:
    447
    Location:
    UK
    Having a fantastic eve thanks.

    You are one of tha many who is sucked in to believeing any rubbish they are told.

    We are all run by lizards. It must be true it says so here:

    http://www.davidicke.com/icke/temp/reptconn.html

    sssssssssssss
     
  10. peter.ewido

    peter.ewido former ewido team

    Joined:
    Nov 10, 2003
    Posts:
    737
    Location:
    Brno, Czech Republic
    This is getting really ridiculous...

    I totally agree with you that an ignore list is urgently required.
    We are already working on it but unfortunately there are a lot other things that also need to be done.

    Concerning BackWeb... The sample we got is also detected by KAV as "not-a-virus:AdWare.BackWeb.a" (at least with extended signatures)...
    Unfortunately we didn't receive your sample so we can't comment on yours...
     
  11. nameless

    nameless Registered Member

    Joined:
    Feb 23, 2003
    Posts:
    1,184
    KAV is nuts with some detections, too. I don't understand why adware would be flagged at all. Adware is not the same as spyware. The KAV people don't even read their own descriptions for the extended database option they have.
     
  12. BrainWarp

    BrainWarp Registered Member

    Joined:
    Aug 26, 2004
    Posts:
    287
    To each his own----i will never have backweb on my computer--i had a hard time years ago deleting it off my computer--so in my mind they are scum!!

    Blindly trust :cool:
     
  13. que sera

    que sera Guest

    personally I like KAV flagging everything that could possibly be considered as adware/spyware etc. - just because it gives me the choice to decide whether I want it or not. To me there is nothing wrong with having different opinons about backweb but not beeing informed about its existens by KAV or Ewido would be.
    Ewido should just add this whitelist feature asap.

    regards
    qs
     
  14. synapse

    synapse Registered Member

    Joined:
    Oct 31, 2004
    Posts:
    50
    adware is not the same as spyware?
     
  15. nameless

    nameless Registered Member

    Joined:
    Feb 23, 2003
    Posts:
    1,184
    What I was talking about is the few KAV detections I have seen which don't fit in with Kaspersky's own description of what the "extended databases" are supposed to entail. I'm not going to argue about it here, so I will leave it at that.

    Of course not. Adware is just software that shows you advertisements, to defray the costs of development, support, or other upkeep. It doesn't even necessarily need to connect out to do this. (But even if it does, it isn't necessarily "spyware".) Spyware is software the surreptitiously (i.e. behind your back) collects and transmits any sort of information about the user.

    But, just like all trojans, worms, and other malware are now collectively referred to as "viruses", adware gets lumped in with spyware, to the extent that people voice violent opposition to even the most innocent adware.

    I don't know why any supposed malware-detection utility would flag adware. At that rate, why not flag Internet Explorer, Mozilla, Firefox, Netscape, Opera, and every other web browser? After all, they do serve up advertisements imbedded in web pages, and--Ooooo...--some of those web pages use evil cookies!
     
  16. synapse

    synapse Registered Member

    Joined:
    Oct 31, 2004
    Posts:
    50
    "A different type of vicious programming has started to invade computers around the world. Spyware (sometimes called Adware) is uninvited software that is transferred to your computer without your explicit knowledge. It often piggybacks on software that you download from the Internet. Spyware causes erratic behavior in a computer that is very similar to the behavior caused by viruses. Often spyware is characterized by unusual windows popping up on your computer, but your computer can be infected by spyware even if there are no annoying pop ups. If your virus scan shows no viruses, but your computer is still acting weirdly, you should suspect spyware."

    quote taken from a torrentspy.com

    http://www.torrentspy.com/guides.asp?mode=display&id=11
     
  17. nameless

    nameless Registered Member

    Joined:
    Feb 23, 2003
    Posts:
    1,184
    And I could sometimes refer to the color "blue" as "green", but that wouldn't suddenly make them the same wavelength. Adware is not always spyware, period, end of paragraph.
     
  18. ChrisP

    ChrisP Suspended Member

    Joined:
    Jun 6, 2003
    Posts:
    447
    Location:
    UK
    It has been a couple of days since I submitted the files Ewido is picking up - and no feedback. In any case, all Ewido need to do is download the trial copy of F-Secure 5.43 and check to see that it is detecting that Backweb component as a nasty. Im not happy as I have paid for Ewido and right now Iam unable to use it.
     
  19. spy1

    spy1 Registered Member

    Joined:
    Dec 29, 2002
    Posts:
    3,139
    Location:
    Clover, SC
    Hi, Chris! When you say that you're not able to use EWIDO, I'm not sure I really understand what you mean:

    Does EWIDO shut down F-Secure if you're running the ewido guard? Or just alert on BackWeb when you run a manual scan, or what?

    IOW, is this an on-going, active irritation (multiple alerts while simply having EWIDO Guard active, or your F-Secure being interfered with/shut down) - or something you just see when you run a scan with EWIDO?

    I know EWIDO has updated several times since you first posted - are you trying to run it again after each update to see whether the problem (if that's what it is) has been addressed?

    Do you truly think that comments like:

    and

    are conducive to getting this problem resolved? Or having the developer get even mildly interested in helping you out with it? (just curious).

    nameless -
    .

    That certainly hasn't been the case here - and I'm quite sure it isn't true for the majority of people who use EWIDO (were it, we'd have heard from a lot more people than just you with comments like that).

    One can only imagine how much stuff on your computer must have the capability of setting off an alarm - but I'm sure your notifications of these F/P's to EWIDO have helped everyone, so thank you.

    Yes, a "whitelist" or "exclusion" list is certainly needed (and will be provided eventually, I'm sure) - but until that happens, I'm not seeing this as being anything other than a minor annoyance, if that.

    Of course, I'm not getting any of these pesky F/P's . :) Pete
     
  20. Firefighter

    Firefighter Registered Member

    Joined:
    Oct 28, 2002
    Posts:
    1,670
    Location:
    Finland
    If that's true, the Ewido folks have something to correct in this list below.

    Best reagds,
    Firefighter!
     

    Attached Files:

  21. se7engreen

    se7engreen Registered Member

    Joined:
    Feb 6, 2004
    Posts:
    369
    Location:
    USA
    I ran Ewido (most recent update) against F-Secure Client Security & Internet Security both and it never picked up backweb. Maybe the stand alone AV has a different implementation of backweb?

    Edit: I do agree that an exclude list would be nice.
     
    Last edited: Dec 3, 2004
  22. ChrisP

    ChrisP Suspended Member

    Joined:
    Jun 6, 2003
    Posts:
    447
    Location:
    UK
    What I mean by I cant use it is that every time I boot up ewido tries to kill the Backweb component of F-Secure. Is a total pain and requires several minutes of playing about to get it to start. I have removed Ewido. It is a shame they wronly identify safe apps as dangerous. F-Secure is the best antivirus out there and Ewido are fools to pretend that F-Secure corporation would have any dodgy components in their software. Im highly irritated that there is no white list, that Ewido do not get back to me and that I have registered for this second rate product. I will do all I can to spread the word about their service and inability to identify unsafe apps. Ewido, jeep my money - you can poke your antitrojan. TDS are going to ber getting 4 new orders this week. One from me and 3 from people I know who were going to buy Ewido. Well done Ewido, you have detected a safe app and lost money because your service stinks.
     
  23. BrainWarp

    BrainWarp Registered Member

    Joined:
    Aug 26, 2004
    Posts:
    287
    I think f-secure are fools to use backweb to update.Because of that they will never see a penny of mine.

    D o a search in history and see how backweb made all there money.F-secure is one of the best antivirus programs on the market--my only Grievance is with backweb!

    As for ewido,there one of the best trojan programs on the market and thats saying alot for a new company. :cool:
     
  24. ChrisP

    ChrisP Suspended Member

    Joined:
    Jun 6, 2003
    Posts:
    447
    Location:
    UK
    You or 1000 people not buying F-Secure will make no difference to them as they are so big. Half a dozen people not buying Ewido will hurt them.
     
  25. gerardwil

    gerardwil Registered Member

    Joined:
    Jan 17, 2004
    Posts:
    4,748
    Location:
    The Netherlands
    ChrisP,

    If your target is to hurt any people then start a "ten-forward" issue and we will watch how long the mods will keep it alive.

    Gerard
     
Thread Status:
Not open for further replies.