McAfee False Positive???

Discussion in 'other anti-virus software' started by TheKid7, Apr 18, 2008.

Thread Status:
Not open for further replies.
  1. TheKid7

    TheKid7 Registered Member

    Joined:
    Jul 22, 2006
    Posts:
    3,469
    I have McAfee Virusscan Enterprise 8.0i (Only because it is free) on one of my 3 Windows PC's. As a second opinion I recently started using BitDefender 10 Free.

    Today I downloaded the program "RunScanner" from Runscanner.net. When I scanned the zipped file with McAfee it said it was clean. When I scanned with BitDefender it said that it was clean. During the BitDefender scan McAfee popped up saying that it had Quarantined a "New Poly32 (Virus)". I then noticed a trend that if I do a scan with BitDefender on the RunScanner file that McAfee always shows that it moved a "New Poly32 (Virus)" to Quarantine but if I scan other files nothing happens. The original RunScanner file seems to be intact after McAfee reports a move to Quarantine.

    I uploaded the RunScanner zipped file to VirusTotal and it said that the file had already been recently scanned. So I chose to do a new scan. Only Prevx1 Version 2 showed a Heuristic Possible Malware that can mutate/change (I forgot the exact wording of the Prevx scan result.).

    What to you make of this? False positive?

    P.S. a few days ago McAfee showed two Trojan files detected in Sun Java and moved to Quarantine. Online scans with Kaspersky, Trendmicro, NOD32 and Panda ActiveScan confirmed more Trojans in Sun Java. I had Trendmicro clean them.

    In the back of my mind I worry that there could be a remote chance of a looming hard drive problem that could be causing/aggrevating this. The hard drive S.M.A.R.T. shows OK each time that I check it. The PC seems to be relatively stable.
     
  2. noway

    noway Registered Member

    Joined:
    Apr 24, 2005
    Posts:
    351
    Can't really advise you what to do, but will say that the runscanner program I downloaded from runscanner.net just now was clean using McAfee Virusscan Enterprise 8.5i. If it was me I would just stick with McAfee ONLY and wondered if your "license" would work on the newer 8.5i which you could download. Also make sure you are using the latest Virusscan patch for whatever version you use.
     
  3. computer geek

    computer geek Registered Member

    Joined:
    Oct 6, 2007
    Posts:
    776
  4. thanatos_theos

    thanatos_theos Registered Member

    Joined:
    Apr 28, 2007
    Posts:
    540
    I think there's a compatibility issue with Mcafee and Bitdefender; cause of false positive :doubt:. Sometimes problems arise when you have two antivirus installed even if the other has no on-access scanner.

    thanatos
     
  5. computer geek

    computer geek Registered Member

    Joined:
    Oct 6, 2007
    Posts:
    776
    If you know the file, scan it at virustotal.
     
  6. RunScanner

    RunScanner Registered Member

    Joined:
    Feb 27, 2007
    Posts:
    58
    PrevX show indeed a heuristic warning in virustotal, other virusscanners should flag Runscanner as OK
     
  7. emperordarius

    emperordarius Registered Member

    Joined:
    Apr 27, 2008
    Posts:
    1,218
    Location:
    Who cares
    PrevX detects anything packed as malware...
     
Loading...
Similar Threads
  1. Ibrad
    Replies:
    24
    Views:
    2,421
Thread Status:
Not open for further replies.