Ewido possible false positive?

Discussion in 'ewido anti-spyware forum' started by jeeperscreepers, Jul 2, 2006.

Thread Status:
Not open for further replies.
  1. jeeperscreepers

    jeeperscreepers Registered Member

    Joined:
    Jun 26, 2006
    Posts:
    11
    Just scanned with ewido 4.0 and it is targeting DLMCleanup.exe (Adobe download manager) as a Trojan.Patched.B. Scanned file with Jotti--only one that detected it as such was BitDefender, the rest found nothing. Kaspersky found nothing. Perhaps someone here has some information on this?
    Thanks in advance and best regards to all-
     
  2. Oriour

    Oriour Registered Member

    Joined:
    Jul 2, 2006
    Posts:
    6
    Yeah I have the same reading, and most of the scanners I use don't mark the thing as a threat.
     
  3. gerardwil

    gerardwil Registered Member

    Joined:
    Jan 17, 2004
    Posts:
    4,748
    Location:
    The Netherlands
    Last edited: Jul 6, 2006
  4. Oriour

    Oriour Registered Member

    Joined:
    Jul 2, 2006
    Posts:
    6
    I'm pretty sure I know the answer this, but I want to make sure. So we can send files that are already classified as "infected" by ewido and not just suspicious files via http://www.ewido.net/en/malware/?
     
  5. jeeperscreepers

    jeeperscreepers Registered Member

    Joined:
    Jun 26, 2006
    Posts:
    11
    Hi Oriour:
    Thanks for your responses. I, too, was unclear about what could be submitted to ewido--will wait and see if an ewido representative happens by this thread. I am thinking it's a false positive, but would like an expert opinion.

    gerardwil:
    I appreciate the information! Hopefully the mystery will be solved soon! Best regards-
     
  6. vinzenz.ewido

    vinzenz.ewido former ewido team

    Joined:
    Dec 9, 2005
    Posts:
    425
    Location:
    Brno, Czech Republic
    Please send false positives or probably infected/suspicious files either directly to submit@ewido.net or use the form at http://www.ewido.net/en/malware

    Thank you very much. This helps us to remove errors and adding missed threats.

    Regards,
     
  7. richardw2

    richardw2 Registered Member

    Joined:
    Mar 25, 2005
    Posts:
    3
    Location:
    Sydney, Australia
    The update of 3 July 2006 resulted in the Adobe program DLMCleanup.exe and GoogleDesktopSearchSetup.exe being identified as high risk trojans. Both programs have been on my computer for some considerable time and have never before been identified as malware so I would think both are false positive identifications
     
  8. vinzenz.ewido

    vinzenz.ewido former ewido team

    Joined:
    Dec 9, 2005
    Posts:
    425
    Location:
    Brno, Czech Republic
    Can you send both to submit@ewido.net please? (Or submit them via http://www.ewido.net/en/malware ) And please notice that this are false positives.

    Thanks.

    BR
     
  9. jeeperscreepers

    jeeperscreepers Registered Member

    Joined:
    Jun 26, 2006
    Posts:
    11
    Hi Vinzenz-

    Thanks for your response to the possible false positive detected by ewido. I have followed your advice and sent the file to ewido just to be sure that it isn't infected. I am impressed by the speedy replies to my questions via both this message board and email from ewido. Your customer service is excellent!

    The email from ewido seems to indicate that this is a F/P and will hopefully be fixed with the next update!:)

    With best regards

    Hi Richardw2-
    Hope you received some clarification on your issues also. In my opinion it's better to err on the side of caution with an occasional F/P, than let some nasties slip by!
     
    Last edited: Jul 3, 2006
Thread Status:
Not open for further replies.