False positive? Heidi Eraser - Delwin.bf trojan

Discussion in 'NOD32 version 2 Forum' started by DERV, Mar 21, 2007.

Thread Status:
Not open for further replies.
  1. DERV

    DERV Registered Member

    Joined:
    Aug 6, 2006
    Posts:
    35
    Location:
    England
    Hi guys,

    I'm getting ready to pass on a PC which was used to handle sensitive data (I'm a med student). I downloaded Heidi Eraser from Sourceforge.net (an app I've used many times before) and set it to run "erase free space - Guttman method".

    NOD32 is installed with "out of the box" settings (I just formatted the machine). Potentially Unsafe Applications is NOT ticked. I just came back to find this virus warning:

    What gives? Is there a trojan in Eraser now (it's never flagged before), is it a false positive, or have I made a boo-boo? :blink:

    Thanks in advance.
     
  2. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    64,709
    Location:
    Texas
    I would submit the file from quarantine to Eset for examination.
     
  3. DERV

    DERV Registered Member

    Joined:
    Aug 6, 2006
    Posts:
    35
    Location:
    England
    The file does not appear in quarantine; I presume that NOD automatically submitted it to Eset and then deleted it.

    A line in the log said that statistical information had been sent to ESET, so maybe that was it? Who knows. Thanks for replying.
     
  4. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    64,709
    Location:
    Texas
    Just for informations's sake, I have Heidi Eraser on my machine and have noted no warnings.
     
    Last edited: Mar 21, 2007
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.