MaraDNS 1.4.04 released

Sebastian Müller spamcatch-maradns.org at messageme.de
Wed Aug 4 06:01:28 EDT 2010 

Am 03.08.2010 20:51, schrieb Sebastian Müller:
> Am 03.08.2010 18:31, schrieb Sam Trenholme:
>>> Oops. Avira reports BDS/Backdoor.Gen in link
>>>
>>> http://maradns.org/download/1.4/1.4.04/maradns-1-4-04-win32.zip
>>>
>>> Should I ignore it?
>>
>> It’s a false positive.
>>
>> http://maradns.org/faq.html#virus
>>
>> My personal theory is that some cheezy anti-viruses get upset by
>> Deadwood.exe because it is a GCC-compiled Windows service, since some
>> trojans are, in fact, GCC-compiled Windows services.
> 
> Hi Sam,
> 
> I am using Avira, too. Avira is known to have many false positives.
> 
> Nevertheless I contacted Avira about that false positive.
> Let's see when and how they answer.
> 

Avira answered few minutes ago,

Avira Lab Response - Tracking number 573252

-------- Original-Nachricht --------
Return-Path:     <devnull at avira.com>
X-Original-To:     xxx
Delivered-To:     xxx
Received:     from vcc.avira.com (vcc.avira.com [62.146.210.56]) by
mail.messageme.de (Postfix) with ESMTPS id D3C5B26A2DC for <xxx>; Wed, 4
Aug 2010 11:46:33 +0200 (CEST)
Received:     by vcc.avira.com (Postfix, from userid 81) id 6F22180A179;
Wed, 4 Aug 2010 11:46:14 +0200 (CEST)
To:     xxx
Subject:     Avira Lab Response - Tracking number 573252
Date:     Wed, 4 Aug 2010 11:46:14 +0200
From:     Avira Virus Lab Response Team <noreply at avira.com>
Message-ID:     <c97da08c7bb555e43d84c01fa86ebfab at vcc.avira.com>
X-Priority:     3
X-Mailer:     PHPMailer [version 1.73]
MIME-Version:     1.0
Content-Type:     multipart/alternative;
boundary="b1_c97da08c7bb555e43d84c01fa86ebfab"


A listing of files alongside their results can be found below:
File ID      Filename     Size (Byte)     Result
25834008      Deadwood.exe      61.5 KB      FALSE POSITIVE


Please find a detailed report concerning each individual sample below:
 Filename     Result
 Deadwood.exe      FALSE POSITIVE

The file 'Deadwood.exe' has been determined to be 'FALSE POSITIVE'. Dies
bedeutet, dass diese Datei nicht gefährlich und eine Fehlmeldung
unsererseits ist. Detection will be removed from our virus definition
file (VDF) with one of the next updates.

More information about the list mailing list