False Positive for screensaver?

Discussion in 'ewido anti-spyware forum' started by tristantzara, Jul 24, 2006.

Thread Status:
Not open for further replies.
  1. tristantzara

    tristantzara Registered Member

    Joined:
    Mar 21, 2006
    Posts:
    78
    Hi guys,

    i just did a scan and ewido detected one saved screensaver as malware. never happened before with that file and results from virustotal were clean.

    C:\WINDOWS\system32\NumbersScreensaver.scr -> Backdoor.Bifrose.ut : No action taken.

    should i send the file?

    greetings

    tt
     
    tristantzara, Jul 24, 2006
    #1
  2. .....

    ..... Registered Member

    Joined:
    Jan 14, 2005
    Posts:
    312
    If you suspect a malware/ false positive i would always reccomend sending a file to various vendors to get a accurate reply.
     
    ....., Jul 24, 2006
    #2
  3. cheater87

    cheater87 Registered Member

    Joined:
    Apr 22, 2005
    Posts:
    3,291
    Location:
    Pennsylvania.
    did you download the screen saver from a site? most of them are spyware or viruses
     
    cheater87, Jul 24, 2006
    #3
  4. tristantzara

    tristantzara Registered Member

    Joined:
    Mar 21, 2006
    Posts:
    78
    hi,

    yeah i know, they are bad mostly,
    ...this was from one guy on lost-forum.com or so... it's a "lost" show screensaver and i also use appdefend/regdefend, looknstop and i can't see any other activity than turning my screen into the computer from the hatch :)

    :< 4816162342

    ...lol

    well, i send the file anyway....





    Antivirus Version Update Result
    AntiVir 6.35.0.24 07.24.2006 no virus found
    Authentium 4.93.8 07.21.2006 no virus found
    Avast 4.7.844.0 07.24.2006 no virus found
    AVG 386 07.24.2006 no virus found
    BitDefender 7.2 07.24.2006 no virus found
    CAT-QuickHeal 8.00 07.22.2006 no virus found
    ClamAV devel-20060426 07.24.2006 no virus found
    DrWeb 4.33 07.24.2006 no virus found
    eTrust-InoculateIT 23.72.76 07.23.2006 no virus found
    eTrust-Vet 12.6.2306 07.24.2006 no virus found
    Ewido 4.0 07.24.2006 Backdoor.Bifrose.ut
    Fortinet 2.77.0.0 07.23.2006 no virus found
    F-Prot 3.16f 07.21.2006 no virus found
    F-Prot4 4.2.1.29 07.21.2006 no virus found
    Ikarus 0.2.65.0 07.24.2006 no virus found
    Kaspersky 4.0.2.24 07.24.2006 no virus found
    McAfee 4813 07.24.2006 no virus found
    Microsoft 1.1508 07.24.2006 no virus found
    NOD32v2 1.1676 07.24.2006 no virus found
    Norman 5.90.23 07.24.2006 no virus found
    Panda 9.0.0.4 07.24.2006 no virus found
    Sophos 4.07.0 07.24.2006 no virus found
    Symantec 8.0 07.24.2006 no virus found
    TheHacker 5.9.8.180 07.24.2006 no virus found
    UNA 1.83 07.24.2006 no virus found
    VBA32 3.11.0 07.24.2006 no virus found
    VirusBuster 4.3.7:9 07.24.2006 no virus found
     
    tristantzara, Jul 24, 2006
    #4
  5. tristantzara

    tristantzara Registered Member

    Joined:
    Mar 21, 2006
    Posts:
    78
    ok, just got the reply that the file is alright. was an FP.
    thanks to ewido support..
     
    tristantzara, Jul 25, 2006
    #5
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...