False positives

Discussion in 'Prevx Releases' started by PeterVO, Sep 10, 2009.

Thread Status:
Not open for further replies.
  1. PeterVO

    PeterVO Registered Member

    Joined:
    Aug 25, 2003
    Posts:
    87
    Location:
    Belgium, Leuven
    Hello,

    I'm using HitmanPro (V3.5.1 build 70) but it's the Prevx-detection module that's giving the following false positives :'(:

    1) XPSysPad.exe: "High Risk Worm"
    2) WinSuperMaximize.exe: "High Risk Infostealer".

    Kind regards,

    PeterV
     
  2. mhob

    mhob Registered Member

    Joined:
    Dec 22, 2008
    Posts:
    26
    Interesting. Prevx found "clnr0.dll" in my Avast Anti-virus data directory. It claimed it was malware. What was strange, is that I opened the Avast folder, right-clicked and scanned it with Avast. Then the file disappeared!

    I have been getting at least 1-2 detections a week that I think are false positives. This is with Heuristics at Medium/Low/Low. Most of the detections said it was "cloaked malware". One time it happened after I upgraded Creative Sound Card drivers.

    So I don't know what to believe? Do I really have cloaked malware on my system? Or is it all false positives? I'm tempted to just wipe out my whole drive and reinstall O/S.
     
  3. vlk

    vlk AV Expert

    Joined:
    Dec 26, 2002
    Posts:
    621
    <avast>\data\clnr0.dll is the avast virus cleaner module. It is digitally signed and should be safe (if the signature matches).
     
  4. Triple Helix

    Triple Helix Specialist

    Joined:
    Nov 20, 2004
    Posts:
    12,604
    Location:
    Ontario, Canada
  5. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Joined:
    Sep 14, 2008
    Posts:
    8,242
    Location:
    USA/UK
    I'm fairly sure these are false positives but its always worth checking if you could send us a log file using the instructions which Triple Helix has outlined:
    https://www.wilderssecurity.com/showthread.php?t=245129

    Thanks! :)

    In the meantime I will close this thread - please send me PM if you have any problems or questions!
     
    Last edited: Sep 10, 2009
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.