5 {{ upvoteCount | shortNum }}
5 {{ upvoteCount | shortNum }}

How to tell if False Positive is a False Positive

by Michael Mayo
4 replies
Okay here's the scoop...

I downloaded a program and my anti virus program(Prevx) flagged it
as being Malware.

My thoughts are that Prevx is wrong about this program but just
in case I'm wrong, I want to make sure.

How can I tell if this is a False Positive or a real threat with out
having to run the program?

Thanks,
Have a Great Day!
Michael
#false #positive
  • Profile picture of the author Amir Kostic
    I always use Sandboxie if I'm not sure about something. You can run web browser or any program in isolated space (with sandboxie), so your computer is not affected at all. To understand it better check their official website at Sandboxie - Sandbox software for application isolation and secure Web browsing.
    {{ DiscussionBoard.errors[4776806].message }}
  • Profile picture of the author jmartinez
    One simple thing that won't proove it isn't a virus, but can help confirm it is you can do a google search on that application and a few virus keywords. See if any known exploits come up. You can also search on keywords from what your antivirus complained about. It may give you some insight. Many viruses are well documented.
    {{ DiscussionBoard.errors[4776978].message }}
  • Profile picture of the author Michael Mayo
    Thanks guys,

    I did originally google the keywords and the program's file name which
    returned no usable results.

    I also uploaded the file to VirusTotal - Free Online Virus, Malware and URL Scanner
    and out of the 43 virus programs they run only 3 flagged it as a threat.

    The weird thing was that one of the virus programs they run is Prevx and it
    didn't flag it as it does on my system. They are running the latest version as
    am I.

    Each of the 3 that did flag it, all of them flagged it as something different?

    1. ByteHero 1.0.0.1 2011.09.23
    Trojan.Spy.Gen.b

    2.McAfee GW-Edition 2010.1D 2011.09.28
    Heuristic.Behaves Like.Win32.Packed.A

    3.SUPERAntiSpyware 4.40.0.1006 2011.09.28
    Trojan.Agent/Gen-SVC[Fake]

    Thanks,
    Have a Great Day!
    Michael
    {{ DiscussionBoard.errors[4777078].message }}
  • Profile picture of the author mywebwork
    Hi Michael

    I've found this to be a useful utility, has saved me more than once:

    Malwarebytes : Free anti-malware, anti-virus and spyware removal download

    Do a full scan of your system with it and see what comes up.

    Bill
    {{ DiscussionBoard.errors[4777552].message }}

Trending Topics