False Positive for screensaver?

Discussion in 'ewido anti-spyware forum' started by tristantzara, Jul 24, 2006.

Thread Status:
Not open for further replies.
  1. tristantzara

    tristantzara Registered Member

    Joined:
    Mar 21, 2006
    Posts:
    78
    Hi guys,

    i just did a scan and ewido detected one saved screensaver as malware. never happened before with that file and results from virustotal were clean.

    C:\WINDOWS\system32\NumbersScreensaver.scr -> Backdoor.Bifrose.ut : No action taken.

    should i send the file?

    greetings

    tt
     
  2. .....

    ..... Registered Member

    Joined:
    Jan 14, 2005
    Posts:
    312
    If you suspect a malware/ false positive i would always reccomend sending a file to various vendors to get a accurate reply.
     
  3. cheater87

    cheater87 Registered Member

    Joined:
    Apr 22, 2005
    Posts:
    3,122
    Location:
    Pennsylvania.
    did you download the screen saver from a site? most of them are spyware or viruses
     
  4. tristantzara

    tristantzara Registered Member

    Joined:
    Mar 21, 2006
    Posts:
    78
    hi,

    yeah i know, they are bad mostly,
    ...this was from one guy on lost-forum.com or so... it's a "lost" show screensaver and i also use appdefend/regdefend, looknstop and i can't see any other activity than turning my screen into the computer from the hatch :)

    :< 4816162342

    ...lol

    well, i send the file anyway....





    Antivirus Version Update Result
    AntiVir 6.35.0.24 07.24.2006 no virus found
    Authentium 4.93.8 07.21.2006 no virus found
    Avast 4.7.844.0 07.24.2006 no virus found
    AVG 386 07.24.2006 no virus found
    BitDefender 7.2 07.24.2006 no virus found
    CAT-QuickHeal 8.00 07.22.2006 no virus found
    ClamAV devel-20060426 07.24.2006 no virus found
    DrWeb 4.33 07.24.2006 no virus found
    eTrust-InoculateIT 23.72.76 07.23.2006 no virus found
    eTrust-Vet 12.6.2306 07.24.2006 no virus found
    Ewido 4.0 07.24.2006 Backdoor.Bifrose.ut
    Fortinet 2.77.0.0 07.23.2006 no virus found
    F-Prot 3.16f 07.21.2006 no virus found
    F-Prot4 4.2.1.29 07.21.2006 no virus found
    Ikarus 0.2.65.0 07.24.2006 no virus found
    Kaspersky 4.0.2.24 07.24.2006 no virus found
    McAfee 4813 07.24.2006 no virus found
    Microsoft 1.1508 07.24.2006 no virus found
    NOD32v2 1.1676 07.24.2006 no virus found
    Norman 5.90.23 07.24.2006 no virus found
    Panda 9.0.0.4 07.24.2006 no virus found
    Sophos 4.07.0 07.24.2006 no virus found
    Symantec 8.0 07.24.2006 no virus found
    TheHacker 5.9.8.180 07.24.2006 no virus found
    UNA 1.83 07.24.2006 no virus found
    VBA32 3.11.0 07.24.2006 no virus found
    VirusBuster 4.3.7:9 07.24.2006 no virus found
     
  5. tristantzara

    tristantzara Registered Member

    Joined:
    Mar 21, 2006
    Posts:
    78
    ok, just got the reply that the file is alright. was an FP.
    thanks to ewido support..
     
Thread Status:
Not open for further replies.