Comments on: Symantec Dameware False Positive

By: Demonen

Demonen — Mon, 05 Oct 2009 12:50:50 +0000

I work for a huge OEM, and we ship a lot of software with our unit, especially for the end-user market.
Every few months we are hit by some sort of False Positive like this, and it generates support calls like you would not believe.
D’you think Symantec (or whatever AV vendor) pics up that tab? Me neither.

By: Penetration Test

Penetration Test — Sat, 19 Sep 2009 05:36:13 +0000

I have seen other remote administration tools detected previously as “hacker tools” or similar. e.g. psexec. How does an AV vendor decide which tools to include/ignore? It seems many tools can potentially be used for different purposes. Obviously doesn’t make the vendor of the included tool happy.

By: Eric Irvin

Eric Irvin — Thu, 17 Sep 2009 14:21:42 +0000

I noticed this yesterday, they had a problem with the Firefox installer earlier in the week also.