False positive? Heidi Eraser - Delwin.bf trojan

Discussion in 'NOD32 version 2 Forum' started by DERV, Mar 21, 2007.

Thread Status:
Not open for further replies.
  1. DERV

    DERV Registered Member

    Joined:
    Aug 6, 2006
    Posts:
    35
    Location:
    England
    Hi guys,

    I'm getting ready to pass on a PC which was used to handle sensitive data (I'm a med student). I downloaded Heidi Eraser from Sourceforge.net (an app I've used many times before) and set it to run "erase free space - Guttman method".

    NOD32 is installed with "out of the box" settings (I just formatted the machine). Potentially Unsafe Applications is NOT ticked. I just came back to find this virus warning:

    What gives? Is there a trojan in Eraser now (it's never flagged before), is it a false positive, or have I made a boo-boo? :blink:

    Thanks in advance.
     
  2. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,722
    Location:
    Texas
    I would submit the file from quarantine to Eset for examination.
     
  3. DERV

    DERV Registered Member

    Joined:
    Aug 6, 2006
    Posts:
    35
    Location:
    England
    The file does not appear in quarantine; I presume that NOD automatically submitted it to Eset and then deleted it.

    A line in the log said that statistical information had been sent to ESET, so maybe that was it? Who knows. Thanks for replying.
     
  4. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,722
    Location:
    Texas
    Just for informations's sake, I have Heidi Eraser on my machine and have noted no warnings.
     
    Last edited: Mar 21, 2007
Thread Status:
Not open for further replies.