Wilders Security Forums  

Go Back   Wilders Security Forums > Official Prevx Support Forum > Prevx Releases
Reload this Page Prevx False Positives
User Name
Password
Register FAQ Members List Calendar Search Today's Posts Mark Forums Read

 
 
Thread Tools Search this Thread
  #1  
Old May 15th, 2010, 03:12 AM
CiX's Avatar
CiX CiX is offline
Frequent Poster
  
Join Date: Feb 2010
Posts: 404
Default Prevx False Positives
Prevx detect OpenOffice.org Portable file as malware
Name: Prevx FP.JPG Views: 361 Size: 46.4 KB
  #2  
Old May 15th, 2010, 04:17 AM
shadek's Avatar
shadek shadek is offline
Very Frequent Poster
  
Join Date: Feb 2008
Location: Sweden
Posts: 1,786
Default Re: Prevx False Positives
Does Hitman Pro contain a Prevx module? I get it that Hitman scans with different engines 'in the cloud'. Is this module the same as right-clicking-scan on a certain file in Prevx? Because that does not nearly detect as many malware samples as executing it and let Prevx do all layered scans.
  #3  
Old May 15th, 2010, 05:06 AM
Baz_kasp's Avatar
Baz_kasp Baz_kasp is offline
Frequent Poster
  
Join Date: May 2008
Location: London
Posts: 593
Default Re: Prevx False Positives
Nice sticky topic at the top of the forum:

http://www.wilderssecurity.com/showthread.php?t=245129

For your reading pleasure

(P.s. In this case you'd probably be better off contacting HitMan)
  #4  
Old May 15th, 2010, 06:14 AM
erikloman's Avatar
erikloman erikloman is offline
Developer
  
Join Date: Jun 2009
Location: Hengelo, The Netherlands
Posts: 1,128
Default Re: Prevx False Positives
Quote:
Originally Posted by CiX
Prevx detect OpenOffice.org Portable file as malware
Attachment 217975
I have looked into the problem and if you upload the listed files to VirusTotal then they are also listed there (also Symantec list them). So it isn't a Hitman Pro specific issue.
  #5  
Old May 15th, 2010, 10:02 AM
Triple Helix's Avatar
Triple Helix Triple Helix is online now
Prevx Forum Helper
  
Join Date: Nov 2004
Location: Oshawa, Ontario
Posts: 9,612
Default Re: Prevx False Positives
I agree with Baz_kasp send the files to Prevx via the link he posted and not in the forums because the Prevx Staff wants users to use the Official Channel as stated in that post for any possible FP's!

TH
__________________
Triple Helix - Microsoft® MVP Consumer Security 2012/14

VIP Member Of ASAP - (Alliance of Security Analysis Professionals™)

Webroot® SecureAnywhere™ Complete 2013 Closed Beta Tester v8.0.2.147 - VoodooShield 1.08 - Windows 7 Ultimate 64bit and all Windows OS's from XP to Win 8 on VM's.
Last edited by Triple Helix : May 15th, 2010 at 10:59 AM.
  #6  
Old May 15th, 2010, 10:07 AM
Cudni's Avatar
Cudni Cudni is offline
Global Moderator
  
Join Date: May 2009
Location: Somethingshire
Posts: 6,944
Default Re: Prevx False Positives
Quote:
Originally Posted by Triple Helix
send the files to Prevx via the link he posted and not in the forums because the Prevx Staff wants users to use the Official Channel as stated in that post for any possible FP's!!

is there no merit in doing both? That way other users know there is a potential FP and that something will be done about as it is reported.

or maybe have a place where to see already reported false positives
__________________
once we only had ideals, today they are the only things we are missing
Microsoft MVP, 2006 - 2013/14
  #7  
Old May 15th, 2010, 10:16 AM
Triple Helix's Avatar
Triple Helix Triple Helix is online now
Prevx Forum Helper
  
Join Date: Nov 2004
Location: Oshawa, Ontario
Posts: 9,612
Default Re: Prevx False Positives
Quote:
Originally Posted by Cudni
is there no merit in doing both? That way other users know there is a potential FP and that something will be done about as it is reported.

or maybe have a place where to see already reported false positives

This is what PrevxHelp said awhile back:http://www.wilderssecurity.com/showp...&postcount=384

HTH,

TH
__________________
Triple Helix - Microsoft® MVP Consumer Security 2012/14

VIP Member Of ASAP - (Alliance of Security Analysis Professionals™)

Webroot® SecureAnywhere™ Complete 2013 Closed Beta Tester v8.0.2.147 - VoodooShield 1.08 - Windows 7 Ultimate 64bit and all Windows OS's from XP to Win 8 on VM's.
  #8  
Old May 15th, 2010, 12:36 PM
PrevxHelp's Avatar
PrevxHelp PrevxHelp is offline
Prevx Moderator
  
Join Date: Sep 2008
Location: USA/UK
Posts: 7,583
Default Re: Prevx False Positives
Hello
If you could please send us a scan log or the samples to report@prevxresearch.com, we will correct the FP from there.

For now, I have closed this thread as our policy is to have false positive reports sent directly to us because this forum is used for software support and not for false positive corrections (none of our research team members check this forum so it does not help to submit them here).
 

Wilders Security Forums > Official Prevx Support Forum > Prevx Releases « Previous Thread | Next Thread »

Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Settings
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump


All times are GMT -4. The time now is 01:16 PM.

Contact Us - SSL - Wilders Security - Archive - TOS/Privacy - Top

Powered by vBulletin® Copyright ©2000 - 2013, Jelsoft Enterprises Ltd.
Copyright ©2002 - 2013, Wilders Security Forums