« previous next »
Pages: [1] 2   Go Down

Author Topic: Another FP in Longman Dictionary  (Read 8858 times)

0 Members and 1 Guest are viewing this topic.

Offline George Yves

  • Avast Überevangelist
  • Massive Poster
  • *****
  • Posts: 4095
  • Help you I can
Another FP in Longman Dictionary
« on: August 14, 2009, 08:23:22 AM »
Today I updated the database of Avast on a stand-alone computer and ran the boot scan. Now Avast found that the file npwthost.dll from \Longman\LASD4\plugins is an ad-ware. As far as I understand that file is one of the plugins that helps to demonstrate pictures, videos and sounds from "Longman Active Study Dictionary" using QuickTime. I think that it is a false positive: that file was installed from an official Longman CD three years before and Avast have been keeping silence about that file until today's update.

Logged
May the FOSS be with you!

Offline .: L' arc :.

  • Avast Evangelist
  • Super Poster
  • ***
  • Posts: 1780
  • Thinking with Portals
Re: Another FP in Longman Dictionary
« Reply #1 on: August 14, 2009, 01:49:04 PM »
 Try checking it via VirusTotal.
Logged
Windows 7 (64-bit) Home Premium SP1
avast! 9 RC1

Offline George Yves

  • Avast Überevangelist
  • Massive Poster
  • *****
  • Posts: 4095
  • Help you I can
Re: Another FP in Longman Dictionary
« Reply #2 on: August 14, 2009, 01:59:21 PM »
Quote from: .: L' arc :. on August 14, 2009, 01:49:04 PM
Try checking it via VirusTotal.
What for? It has been already checked before Longman put it on its CD.

Anyway, here are the results (http://www.virustotal.com/en/analisis/4401b0a57a9dbea39c64c1b04d71f4cfa7322e4bf921f28f6be97f93c270e5b8-1250252145) and some more information on the file (http://www.processlibrary.com/directory/files/npwthost/).
« Last Edit: August 14, 2009, 02:11:09 PM by George Yves »
Logged
May the FOSS be with you!

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 89056
  • No support PMs thanks
Re: Another FP in Longman Dictionary
« Reply #3 on: August 14, 2009, 04:06:08 PM »
Quote from: George Yves on August 14, 2009, 01:59:21 PM
Quote from: .: L' arc :. on August 14, 2009, 01:49:04 PM
Try checking it via VirusTotal.
What for? It has been already checked before Longman put it on its CD.

Its called positive confirmation, so when you send it to avast stating you believe it is an FP you have some positive evidence (though there are lots of hits in the VT results), also send the VT results URL.

####
Send the sample to virus@avast.com zipped and password protected with the password in email body, a link to this topic, VT Results URL, might help and false positive in the subject.
 
Or you can also add the file to the User Files (File, Add) section of the avast chest (if it isn't already in the chest) where it can do no harm and send it from there. A copy of the file/s will remain in the original location, so you will need to take further action and can remove/rename that.
 
Send it from the User Files section of the chest (select the file, right click, email to Alwil Software). It will be uploaded (not actually emailed) to avast when the next avast auto (or manual) update is done.
Logged
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.3.6108 (build 24.3.8975.762) UI 1.0.801/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Offline George Yves

  • Avast Überevangelist
  • Massive Poster
  • *****
  • Posts: 4095
  • Help you I can
Re: Another FP in Longman Dictionary
« Reply #4 on: August 14, 2009, 09:48:49 PM »
I have sent the report about the false positive by e-mail.
Logged
May the FOSS be with you!

Offline Lisandro

  • Avast team
  • Certainly Bot
  • *
  • Posts: 67194
Re: Another FP in Longman Dictionary
« Reply #5 on: August 15, 2009, 12:05:59 AM »
Thanks for helping improving detection.
Logged
The best things in life are free.

Offline .: L' arc :.

  • Avast Evangelist
  • Super Poster
  • ***
  • Posts: 1780
  • Thinking with Portals
Re: Another FP in Longman Dictionary
« Reply #6 on: August 15, 2009, 09:58:49 AM »
 Thanks for the improvement in detections. Hope it gets analyzed as soon as possible.
Logged
Windows 7 (64-bit) Home Premium SP1
avast! 9 RC1

Offline George Yves

  • Avast Überevangelist
  • Massive Poster
  • *****
  • Posts: 4095
  • Help you I can
Re: Another FP in Longman Dictionary
« Reply #7 on: August 18, 2009, 07:30:52 AM »
Three days have passed. What are the results? Is the false positive confirmed?
Logged
May the FOSS be with you!

Offline .: L' arc :.

  • Avast Evangelist
  • Super Poster
  • ***
  • Posts: 1780
  • Thinking with Portals
Re: Another FP in Longman Dictionary
« Reply #8 on: August 18, 2009, 11:31:39 AM »
 Try scanning the file itself & see if it gets detected. From what saw in the VT analysis, it is very probable of being an adware.
Logged
Windows 7 (64-bit) Home Premium SP1
avast! 9 RC1

Offline George Yves

  • Avast Überevangelist
  • Massive Poster
  • *****
  • Posts: 4095
  • Help you I can
Re: Another FP in Longman Dictionary
« Reply #9 on: August 18, 2009, 12:23:46 PM »
Quote from: .: L' arc :. on August 18, 2009, 11:31:39 AM
it is very probable of being an adware.
Three years after it has been installed from official CD? It's like you work with a man and three years later you say he is a monkey.
Logged
May the FOSS be with you!

Offline Maxx_original

  • Avast team
  • Super Poster
  • *
  • Posts: 1479
Re: Another FP in Longman Dictionary
« Reply #10 on: August 18, 2009, 01:01:51 PM »
currently under analysis..
Logged

Offline .: L' arc :.

  • Avast Evangelist
  • Super Poster
  • ***
  • Posts: 1780
  • Thinking with Portals
Re: Another FP in Longman Dictionary
« Reply #11 on: August 18, 2009, 03:31:48 PM »
Quote from: George Yves on August 18, 2009, 12:23:46 PM
Quote from: .: L' arc :. on August 18, 2009, 11:31:39 AM
it is very probable of being an adware.
Three years after it has been installed from official CD? It's like you work with a man and three years later you say he is a monkey.

 A lot of things may change within 3 years since you just said that it wasn't on the CD anymore, therefore, on the Local Disk. Let's wait for the confirmation.
« Last Edit: August 18, 2009, 03:33:28 PM by .: L' arc :. »
Logged
Windows 7 (64-bit) Home Premium SP1
avast! 9 RC1

maxwachtel

  • Guest
Re: Another FP in Longman Dictionary
« Reply #12 on: August 18, 2009, 06:57:47 PM »
Hello-
 There are many programs that ID WildTangent as something that should be avoided. Do some light reading and then make your own choice, start here http://en.wikipedia.org/wiki/WildTangent. I don't believe this is a FP but a good detection by Avast. If you want to keep it then just tell Avast to ignore it.

Just as an aside- you should have posted this in the virus and worm forum ;)
Logged

Offline George Yves

  • Avast Überevangelist
  • Massive Poster
  • *****
  • Posts: 4095
  • Help you I can
Re: Another FP in Longman Dictionary
« Reply #13 on: August 19, 2009, 06:47:26 AM »
Quote from: maxwachtel on August 18, 2009, 06:57:47 PM
Hello-
 There are many programs that ID WildTangent as something that should be avoided. Do some light reading and then make your own choice, start here http://en.wikipedia.org/wiki/WildTangent. I don't believe this is a FP but a good detection by Avast. If you want to keep it then just tell Avast to ignore it.

Just as an aside- you should have posted this in the virus and worm forum ;)
I am too incompetent to draw a conclusion from a Wiki article.
Logged
May the FOSS be with you!

maxwachtel

  • Guest
Re: Another FP in Longman Dictionary
« Reply #14 on: August 19, 2009, 08:55:49 PM »
Quote from: George Yves on August 19, 2009, 06:47:26 AM
I am too incompetent to draw a conclusion from a Wiki article.
george funny you are ;)
(I posted that link because it was the first one that came up when I googled "WildTangent"  ;D )

max
Logged
Pages: [1] 2   Go Up
« previous next »