Avast, Avira and Kaspersky flag 'Infected', still a false positive?

Discussion in 'other anti-virus software' started by Baserk, Sep 10, 2008.

Thread Status:
Not open for further replies.
  1. Baserk

    Baserk Registered Member

    Joined:
    Apr 14, 2008
    Posts:
    1,317
    Location:
    AmstelodamUM
    From the site Guru of 3D, I've downloaded a renowned program from Taiwanese company EnTech.
    It's called PowerStrip, a GPU control&customizing program, and I downloaded version 3.75 from Guru3D.
    When I scanned the file with VirusTotal, it got flagged by Avira, Avast, F-Prot and Kaspersky (and other KAV using progs) as infected with Backdoor.Win32.Hupigon.dodi.

    The newer 3.82 English version from EnTech's site got the same results.
    However, the 3.82 International version only got flagged by F-Prot and Kaspersky but not by Avast or Avira anymore.
    Dr.Web's online scanner comes up with Clean after scanning the file but when using Jotti's, A-2 flagged it as malware...:(

    There has been an malicious program/malware called PowerStrip before (data miner)
    My question is, how can I be sure that these are false positives without actually executing the program and potentially wrecking my system.
    Any other scan suggestions? :doubt:

    Thanks.

    Excuse me mods, if it should be in the anti malware section, could one of you put it there? Thx.
     
    Last edited by a moderator: Sep 10, 2008
  2. Baz_kasp

    Baz_kasp Registered Member

    Joined:
    May 1, 2008
    Posts:
    593
    Location:
    London
    I sent a mail to Kaspersky viruslab... will see what they say.
     
  3. subset

    subset Registered Member

    Joined:
    Nov 17, 2007
    Posts:
    825
    Location:
    Austria
    Very probably "Its a known false positive."
    Only PowerStrip IE toolbar is bad, not the well-known tweaking utility.
    But some detect malware by file names... :rolleyes:

    Cheers
     
  4. Baz_kasp

    Baz_kasp Registered Member

    Joined:
    May 1, 2008
    Posts:
    593
    Location:
    London
    It's a FP.

     
  5. Baserk

    Baserk Registered Member

    Joined:
    Apr 14, 2008
    Posts:
    1,317
    Location:
    AmstelodamUM
    Thanks very much!
     
  6. marciocruz

    marciocruz Registered Member

    Joined:
    May 7, 2008
    Posts:
    249
    avira,say is a false positive
    The file 'pstrip.exe' has been determined to be 'FALSE POSITIVE'. In particular this means that this file is not malicious but a false alarm. Detection will be removed from our virus definition file (VDF) with one of the next updates.
     
Loading...
Thread Status:
Not open for further replies.