From: Terry Pinnell on 27 Jan 2010 14:34 I haven't had any threats for months and now TWO within a week! The previous was VideoReDoPlus-2-1-1-413.exe, Tracking number 433125, which I confirmed a day or so ago was a false positive. This one is another 'movie software' file (part of FFDshow I think): C:\WINDOWS\system32\ff_vfw.dll My Anitvir Personal has just reported that it "Contains a recognition pattern of the (harmful) BDS/Bot.111287 back-door program" Yet it's been on my HD for ages. I've sent it to Avira for analysis. Virus Total online shows it as OK for all 41 programs, including Avira AntiVir, version 7.9.1.154, update 2010.01.27 How can that be contradicted by my local Antivir Personal (free), which was updated this morning as usual? -- Terry, East Grinstead, UK
From: John Williamson on 27 Jan 2010 14:50 Terry Pinnell wrote: > I haven't had any threats for months and now TWO within a week! The previous > was VideoReDoPlus-2-1-1-413.exe, Tracking number 433125, which I confirmed a > day or so ago was a false positive. > > This one is another 'movie software' file (part of FFDshow I think): > C:\WINDOWS\system32\ff_vfw.dll > > My Anitvir Personal has just reported that it "Contains a recognition pattern > of the (harmful) BDS/Bot.111287 back-door program" > > Yet it's been on my HD for ages. > > I've sent it to Avira for analysis. > > Virus Total online shows it as OK for all 41 programs, including Avira > AntiVir, version 7.9.1.154, update 2010.01.27 > > How can that be contradicted by my local Antivir Personal (free), which was > updated this morning as usual? > No guarantees, but this sounds like the reason I stopped using AVG free a while back. Far too many false positives all of a sudden. I now use Kaspersky Internet Security, which is a real PITA when you're installing stuff, but I've had no false positives as yet, and no obvious false negatives. Eset's another I've seen recommended and I used it until the sub came up for renewal. -- Tciao for Now! John.
From: Gene E. Bloch on 27 Jan 2010 19:03 On 1/27/10, Terry Pinnell posted: > I haven't had any threats for months and now TWO within a week! The previous > was VideoReDoPlus-2-1-1-413.exe, Tracking number 433125, which I confirmed a > day or so ago was a false positive. > This one is another 'movie software' file (part of FFDshow I think): > C:\WINDOWS\system32\ff_vfw.dll > My Anitvir Personal has just reported that it "Contains a recognition pattern > of the (harmful) BDS/Bot.111287 back-door program" > Yet it's been on my HD for ages. > I've sent it to Avira for analysis. > Virus Total online shows it as OK for all 41 programs, including Avira > AntiVir, version 7.9.1.154, update 2010.01.27 > How can that be contradicted by my local Antivir Personal (free), which was > updated this morning as usual? I also have gotten a few false positives from Norton Internet Security 2010. I can't say I enjoy them :-) The main problem is that it's hard to keep them intact or get them back, since in spite of how I *think* I configured the app, some items are removed without giving me any recourse. One friend has pointed out that it *is* possible that the program was recently corrupted in spite of having been on my computer for years. I agree, but somehow I don't think it happened: I suspect a new overly enthusiastic signature. I also experienced a reversal of fortunes, i.e., a putative virus was not flagged again after I managed to recreate the program (in at least one case, from a Norton quarantine, so the file was as before). This leads me to believe that the new signature was pulled in a later update. I think we're stuck with this sort of hassle regardless of which AV program we use, unless we abandon all our AV programs. For anyone who's about to tell me that Norton is a virus, don't bother, I won't be listening :-) -- Gene Bloch 650.366.4267 lettersatblochg.com
From: FromTheRafters on 27 Jan 2010 19:36 "Gene E. Bloch" <letters(a)someplace.invalid> wrote in message news:hjqk92$hc2$1(a)news.albasani.net... [...] > The main problem is that it's hard to keep them intact or get them > back, since in spite of how I *think* I configured the app, some items > are removed without giving me any recourse. I had Norton preinstalled on this computer, I *was* going to let it run until its subscription expired - but it deleted files even though I had it configured to only ask. ....it's gone now! [...]
From: FromTheRafters on 27 Jan 2010 19:43 "Terry Pinnell" <terrypin(a)dial.pipex.com> wrote in message news:lr41m51b3o4c28dmsltdcku63q5ioa2h17(a)4ax.com... >I haven't had any threats for months and now TWO within a week! The >previous > was VideoReDoPlus-2-1-1-413.exe, Tracking number 433125, which I > confirmed a > day or so ago was a false positive. I remember it as if it were yesterday... > This one is another 'movie software' file (part of FFDshow I think): > C:\WINDOWS\system32\ff_vfw.dll > > My Anitvir Personal has just reported that it "Contains a recognition > pattern > of the (harmful) BDS/Bot.111287 back-door program" > > Yet it's been on my HD for ages. > > I've sent it to Avira for analysis. > > Virus Total online shows it as OK for all 41 programs, including Avira > AntiVir, version 7.9.1.154, update 2010.01.27 > > How can that be contradicted by my local Antivir Personal (free), > which was > updated this morning as usual? I have my ideas on why this might be, and have in the past discussed this in the virus groups. It would be nice to hear it from "the horse's mouth" so to speak - could you ask the good folks at Avira?
|
Next
|
Last
Pages: 1 2 Prev: Can Someone please help me with my Computer stuff? 78984 Next: fakealert trojan |