Ethereal-users: RE: [Ethereal-users] Backdoor program?
Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.
From: "Carl Wallace" <club5220@xxxxxxxxxxx>
Date: Tue, 3 May 2005 12:46:23 -0400
I received this in response to my query... Glad to hear it's a mistake, but I think I'll still with SAV for now. -Carl. ---------------------------------- Hello and thank you for your mail. Unfortunately, virus signature files released at 17:00 on 2 May 2005 included a false positive detection identified as: W32/haxdoor.ap@bd causing problems for some of our users. New virus signature files that fix this problem have now been released. These files are dated 3 May 2005 and users need only update to avoid any further false positives. We apologise for any inconvenience this may have caused. If you have any further questions or comments please do not hesitate to contact us again. Best regards, Valtýr Jónasson F-Prot Antivirus Technical Support support@xxxxxxxxxx http://www.f-prot.com Tel: +354-540-7400 Fax: +354-540-7401 When replying, please copy your entire previous message/thread. Use the reply function of your e-mail program in order to keep the same subject of our response (including the tracking number). Otherwise your message may be delayed. If you are interested in receiving an e-mail notice when updates and new versions are released then you can subscribe at http://alerts.f-prot.com -----Original Message----- From: Alistair Ingi Grétarsson [mailto:alistair@xxxxxxxxxx] Sent: 3. maí 2005 09:18 To: support@xxxxxxxxxx Subject: FW: FPROT identifies Ethereal as webeditor@xxxxxxxxxx <webeditor@xxxxxxxxxx> -----Original Message----- From: Carl Wallace [mailto:club5220@xxxxxxxxxxx] Sent: 3. maí 2005 03:03 To: ethereal-users@xxxxxxxxxxxx Cc: webeditor@xxxxxxxxxx Subject: FPROT identifies Ethereal as webeditor@xxxxxxxxxx <webeditor@xxxxxxxxxx> F-Prot AVES: Modified this message. (click for details <https://aves.f-prot.com/m?i=aWkUNRr5tLbPT0TGR,Qnbp5gdTeg@xxxxxx-ga> ) ________________________________ Hello, I was wondering if you've had the same experience as I... on a 'clean' build of Windows XP Pro (SP2) I installed FPROT for evaluation, and to my surprise it identified (and automatically REMOVED?!) the Ethereal uninstall file as the w32/haxdoor.ap@bd threat and furthermore, it removed my ethereal installer (.10.10)! I tried searching Google for w32/haxdoor.ap@bd and got nothing, which seems a bit sketchy, to me. This software seems to be identifying your installation as a threat, which I'd guess is a false positive, because Ethereal is one of the premieire protocol analyzers out there, yes? Curiosuly yours, Carl Wallace -----Original Message----- From: Gerald Combs [mailto:gerald@xxxxxxxxxxxx] Sent: Tuesday, May 03, 2005 11:40 AM To: av@xxxxxxxxxxxxxx; Ethereal user support; Carl Wallace Subject: Re: [Ethereal-users] Backdoor program? Martin Gordon wrote: > Frisk flags the ethereal download as infected - is this true, please? ...and Carl Wallace wrote: > Hello, > > I was wondering if you've had the same experience as I... on a 'clean' > build of Windows XP Pro (SP2) I installed FPROT for evaluation, and to > my surprise it identified (and automatically REMOVED?!) the Ethereal > uninstall file as the w32/haxdoor.ap@bd <mailto:w32/haxdoor.ap@bd> > threat and furthermore, it removed my ethereal installer (.10.10)! I > tried searching Google for w32/haxdoor.ap@bd > <mailto:w32/haxdoor.ap@bd> and got nothing, which seems a bit sketchy, > to me. This software seems to be identifying your installation as a > threat, which I'd guess is a false positive, because Ethereal is one > of the premieire protocol analyzers out there, yes? This is probably a false positive. It's unlikely that a virus or trojan made it through our development process _and_ has gone unnoticed since March 11. I opened a trouble ticket with F-Secure, but haven't received a response yet.
- References:
- Re: [Ethereal-users] Backdoor program?
- From: Gerald Combs
- Re: [Ethereal-users] Backdoor program?
- Prev by Date: Re: [Ethereal-users] Backdoor program?
- Next by Date: [Ethereal-users] trouble filtering files by protocol
- Previous by thread: Re: [Ethereal-users] Backdoor program?
- Next by thread: [Ethereal-users] trouble filtering files by protocol
- Index(es):