vanDivX Posted September 24, 2006 Report Share Posted September 24, 2006 I did a Bitdefender online scan today and it reported that it found a backdoor.Virkel.A in the much touted patch to increase the half open connection in windows - in EvID4226Patch223d-en.zip -> EvID4226Patch.exeI am sure I downloaded that patch from that orig site linked from here, what gives? is that false positive? Search on these forums here for 'Virkel.A' returned no resultsvanDivX Link to comment Share on other sites More sharing options...
geezer Posted September 24, 2006 Report Share Posted September 24, 2006 LvlLord's site has a blurb explaining that some viruses and Trojans contain the same code for patching the half-open limit. This code is detected by some anti-virus programs. So you get a false notification when you scan LvlLord's program.Here's a link to the official site:http://www.lvllord.de/ Link to comment Share on other sites More sharing options...
vanDivX Posted September 24, 2006 Author Report Share Posted September 24, 2006 likely didn't read the notification or if I did I don't remember itaaah, the joys of false positives, one reason I had to get rid of AVG antivirus a while back, it wouldn't allow me to even manipulate some programs on my disk (move/copy.... anything at all) and no disabling of AVG would help except full unistall, since then I run without, what's some OK antivirus that doesn't pickup false positives?BTW Bitdefender online scan just deletes what it deems undesirable and you can't do nothing about it, don't like that approach at all, be warned if you use that onevanDivX Link to comment Share on other sites More sharing options...
geezer Posted September 25, 2006 Report Share Posted September 25, 2006 I had a false positive on my own code many years ago. I had to insert some pointless code in the middle of a function to get the virus scanner to stop declaring my own program a virus. Link to comment Share on other sites More sharing options...
Ultima Posted September 25, 2006 Report Share Posted September 25, 2006 NOD32 does the same, AFAIK (deleting the files without user notification, that is). Link to comment Share on other sites More sharing options...
vanDivX Posted September 25, 2006 Author Report Share Posted September 25, 2006 well, to be exact, I meant just that it doesn't give you a choice about deleting but it notifies you which files it deleted and why, just that it does you fat lot of good if you don't like it and it doesn't go into garbage either, its basically gone as soon as you read it the scanning report as it comes in, probably Nod32 is the same as you sayvanDivX Link to comment Share on other sites More sharing options...
Ultima Posted September 25, 2006 Report Share Posted September 25, 2006 NOD32 basically deletes it from the zip file before you can even open the zip file, AFAIK. Really stupid. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.