How do you debunk a false positive?

Discussion in 'other anti-malware software' started by NonGeek, Aug 17, 2016.

  1. NonGeek

    NonGeek Registered Member

    Joined:
    Dec 28, 2015
    Posts:
    41
    Say that you fall off your chair after your daily AV scan turns the UI to blood red. Then you think that can't possibly be the case. What do you do before you let the file out of quarantine?
     
  2. roger_m

    roger_m Registered Member

    Joined:
    Jan 25, 2009
    Posts:
    8,627
    I have my antivirus configured to prompt me to let me choose what action to take whenever a threat is found. Because of this, nothing ever gets quarantined automatically. I've been cleaning malware from PCs for 26 years and (usually) I can quite easily tell if something detected is an actual threat or a false positive.

    If you're ever unsure about a file then it's worth checking it at VirusTotal to see if it's safe or not.
     
  3. ropchain

    ropchain Registered Member

    Joined:
    Mar 26, 2015
    Posts:
    335
    Sandbox and manual analysis also work.
     
  4. Amanda

    Amanda Registered Member

    Joined:
    Aug 8, 2013
    Posts:
    2,115
    Location:
    Brasil
    That's what I do, even with large programs/games. I did this with the MOD "Goldeneye Source" before installing it for real.
     