|
-
September 13th, 2006, 12:45 AM
#1
False Positives? Ad-Aware SE
I just updated Ad-Aware to the definitions on 9/12/06 and scanned two of my computers with updated Win XP Home (SP2 with all updates), updated etrust AV, and updated ZA firewall. It found on both computers multiple instances of Win32.trojan and Bargain Buddy. My computers are working fine, and etrust AV scans along with ewido and trend micro do not find anything. Are these false positives?
Thanks
-
September 13th, 2006, 02:30 AM
#2
Not neccesarily. I may not remember correctly, but I think Bargain Buddy might be in the add/remove programs list. Have a look there. In any case, you can go ahead and remove them with Ad-Aware. If you want, you can also install Spybot S&D before you remove them with Ad-Aware and see if Spybot finds anything.
-
September 13th, 2006, 05:56 AM
#3
There is talk here and there about 2 false positives (the ones you mention) with the 9/12 definitions. I would sit tight for a bit, ignore these finds for the moment and let Lavasoft get this situation analyzed/corrected.
-
September 13th, 2006, 08:27 AM
#4
Here's more info on the latest update which I copied from another forum.
"RE: Adaware Update SE1R123 13.09.2006"
This fixes a False Positive in Adware.AdMedia.
This fixes a False Positive in TrojanBackdoor.Serv-U.
This fixes a False Positive in BargainBuddy.
This fixes a False Positive in Win32.Trojan.Agent.
This fixes a False Positive in Win32.Trojan.Downloader.
The MD5 checksum for the defs.ref file is 536bea2c1749341b09b2589bf3cc0143
Additional Information
============================================
You can use Webupdate to install the new reference file, or download it manually from:
http://download.lavasoft.de.edgesuit...ublic/defs.zip
If you think something needs to be sent to us for review, visit our submission site at:
http://www.lavasofthelp.net/submit/
If you have any questions, please contact us at:
http://www.lavasoftsupport.com
Note: After you download this, close the program and reopen it and check the Internal Build number and it should be 150
Tufenuf
-
September 16th, 2006, 12:48 AM
#5
Voila! The updates for 9/15/06 did not reveal anything. Guess they were false positives. I deleted those files on my other computer b/c I initially thought they were evil. Hope I don't need them.
-
September 16th, 2006, 07:29 AM
#6
BigTimeNovice, As far as those items you deleted you may want to follow the thread at the link below. In the future you may want to leave the Ad-aware items found in quarantine for a week or two just in case something like this happens again.
http://www.lavasoftsupport.com/index.php?showtopic=3367
Tufenuf
-
September 16th, 2006, 04:18 PM
#7
The latest AdAware reference file is SE1R123 14.09.2006
Internal build : 151
There were two issued on Sept. 14. The first fixed the false positives mentioned above, but introduced a new false positive (DiaRemover). The second (Build 151) seems to have fixed all false positives.
Jim
WIN7 Ultimate SP1 64bit, IE 11, NTFS,
cable, MS Security Essentials, Windows 7 firewall
Thread Information
Users Browsing this Thread
There are currently 1 users browsing this thread. (0 members and 1 guests)
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|
Reply With Quote
