KAV False Positive mswinsck.ocx

Discussion in 'other anti-virus software' started by FanJ, Sep 20, 2005.

Thread Status:
Not open for further replies.
  1. FanJ

    FanJ Guest

    I think that KAV gives a False Positive on

    I'm not exactly happy with this ! :blink:

    Scanned in Safe Mode on Win98SE with KAV 4.5

    MD5 checksum:

    This file was not changed on my system in a long time.
    Report from NISFileCheck:
    Application: c:\windows\system\mswinsck.ocx
    Status: Unchanged
    Version old: 6.01.9782
    Size old: 124688
    Date old: 2004-03-08 23:00:00
    RMD160 Hash old: DADEF71BA2260FFF2820A7653D8BA07513C92DBD

    First screenshot:

    Attached Files:

  2. FanJ

    FanJ Guest

    Checked at Jotti Online scanner.

    Second screenshot:

    Attached Files:

  3. FanJ

    FanJ Guest

    Of course I know that every scanner can give a FP from time to time.
    I know it.
    In my case, at this moment (while I'm trying to fix someone-else's PC from a lot of malware), it's a bad moment...

    I will later submit the file to KAV.

    My question for the moment:
    Did some of you find this FP too?

    Cheers, Jan.
  4. FanJ

    FanJ Guest

    Please, I'm begging you ALL :

    Did someone else of you get this alert from KAV also ?

    Please, do let us know :D

    Thanks in advance !!!
    Cheers, Jan.
  5. FanJ

    FanJ Guest

    PLEASE !!!!!

    PLEASE do let us know if you also got that warning from KAV.

    PLEASE, I'm begging you all ! ;)
  6. FanJ

    FanJ Guest

    Is there really nobody here on this board who would like to help me here....?

    Once again, I am begging on my knees :
    PLEASE DO POST !!!!!!!!!!
  7. StevieO

    StevieO Guest

    Hi Fan,

    I have the same file on 98SE, but an earlier version, 6.00.8988 106KB

    I scanned at Jottis, Clean, and then with KAV and Antivir on my PC, Clean, followed by an attempt with AVG.

    Part way through my PC froze and i had to restart. When it did it was in safe mode. As this often displaces the icons on the desktop, i did a regrestore to a previous copy. All is well now !

    Have you thought of just DL a fresh copy of the file and replacing it ?

  8. FanJ

    FanJ Guest

    Thanks a lot StevieO for replying !!!!!
    Very much appreciated !!!!! :D

    It looks to me at the moment that KAV has fixed it.
    After having just updating my KAV 4.5 definitions to "known viruses 141265", I don't get that warning from KAV anymore when right-clicking that file and letting KAV scanning it.

    And Jotti's online scanner doesn't give that warning too anymore :)
    See screenie.

    I was in desperate need to be sure that that file, or any other file on my system, was not infected.
    I cannot help someone else on an infected system when I'm in doubt whether my own system is clean....

    Time to let KAV do again a full system scan in Safe Mode while I'll try to have some sleep.

    Thanks again StevieO for your posting !!!!!
    Cheers, Jan.

    Attached Files:

    Last edited by a moderator: Sep 20, 2005
  9. Honyak

    Honyak Registered Member

    Jul 19, 2004
    Deep South
    I got the same FP today and sent it to KAV, within 5 minutes I had a reply that it was a false positve and would be fixed and it has been.
  10. FanJ

    FanJ Guest

    Thanks Honyak !!!
    Thanks also to KAV for fixing it so quickly !!! :D

    I fully admit that I was too much stressed when I posted this thread :oops: :oops:
  11. Albinoni

    Albinoni Registered Member

    Feb 17, 2005
    Perth, Western Australia
    Well what does this say, its time to update and use NOD32 :D
  12. FanJ

    FanJ Guest

    Hi Albinoni,

    It does not say very much: every scanner has sometimes a false positive.
    Let's not forget that KAV fixed it quickly.

    I do have both NOD32 and KAV :)

    Again I would like to make clear that I should have posted in another way (I was too much stressed); I am sorry for that !

    I really see no point in going on in this thread. There was a FP, people informed each other and KAV, and it was quickly fixed; that's all.

    Best regards, Jan.
  13. Honyak

    Honyak Registered Member

    Jul 19, 2004
    Deep South
    If I changed AV everytime I got a FP, I would be out of choices. Think I will stick with KAV.
  14. Ned Slider

    Ned Slider Registered Member

    Mar 24, 2005
    I noticed KAV was falsely detecting /windows/system32/wextract.exe earlier today, but it was quickly fixed in the next hourly update :)

    Further, I occasionally catch new worms on my honeypot and send them to kaspersky, and they are very quick to add them to their database.

    I certainly value their quick responses :)

  15. Technodrome

    Technodrome Security Expert

    Feb 13, 2002
    New York
    I had 3 FPs today. Quickly fixed as you said.[​IMG]


    Attached Files:

Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.