Author Topic: A lot of False Positives  (Read 4320 times)


Offline Justin_22

  • Avast Evangelist
  • Poster
  • ***
  • Posts: 445
  • Free your soul and let it fly
A lot of False Positives
« on: December 03, 2008, 09:39:29 PM »
Virustotal results for SmitfraudFix.exe

AhnLab-V3    -    -    -
AntiVir    -    -    DR/Tool.Reboot.F.162
Authentium    -    -    W32/Backdoor2.DAHB
Avast    -    -    -
AVG    -    -    -
BitDefender    -    -    -
CAT-QuickHeal    -    -    -
ClamAV    -    -    Trojan.Killproc-1
DrWeb    -    -    Tool.Prockill
eSafe    -    -    Suspicious File
eTrust-Vet    -    -    -
Ewido    -    -    -
F-Prot    -    -    W32/Backdoor2.DAHB
F-Secure    -    -    Rogue:W32/IeDefender.CT
Fortinet    -    -    Misc/PrcViewer
GData    -    -    -
Ikarus    -    -    -
K7AntiVirus    -    -    -
Kaspersky    -    -    not-a-virus:RiskTool.Win32.Reboot.f
McAfee    -    -    potentially unwanted program PrcViewer
Microsoft    -    -    -
NOD32    -    -    Win32/PrcView
Norman    -    -    -
Panda    -    -    Adware/MalwareAlarm
PCTools    -    -    -
Prevx1    -    -    -
Rising    -    -    -
SecureWeb-Gateway    -    -    Trojan.Dropper.Tool.Reboot.F.162
Sophos    -    -    -
Sunbelt    -    -    Trojan.FakeAlert
Symantec    -    -    -
TheHacker    -    -    -
TrendMicro    -    -    PAK_Generic.001
VBA32    -    -    BackDoor.IRC.Chazz.38
ViRobot    -    -    Not_a_virus:RiskTool.Reboot.1478876
VirusBuster    -    -    -

   ::)
Avast!  2014 beta - Sandboxie - K9 Web Protection

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 89033
  • No support PMs thanks
Re: A lot of False Positives
« Reply #1 on: December 03, 2008, 09:49:37 PM »
Colour me confused, but what has this got to do with avast as it doesn't report this according to your VT results, so not an avast false positive?

Your title is misleading in that I thought you were saying avast (since you post it in the avast forums) has a lot of false positives, rather than something a little clearer, e.g. smitfraud.exe detected by many AVs as infected. But even that still casts guilt if you don't add (but not by avast).

But it isn't uncommon for a tool to be tarred with the same brush as to what it is hoping to detect or detecting some of the tools it uses to detect or eliminate the problem.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.3.6108 (build 24.3.8975.762) UI 1.0.801/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Offline Lisandro

  • Avast team
  • Certainly Bot
  • *
  • Posts: 67194
Re: A lot of False Positives
« Reply #2 on: December 03, 2008, 11:08:49 PM »
Wow... it's a common cleaning tool and it's being detected as infected...
Just to be sure, maybe testing the MD5 of the file.
The best things in life are free.

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 89033
  • No support PMs thanks
Re: A lot of False Positives
« Reply #3 on: December 03, 2008, 11:22:54 PM »
As I said not unusual for tools to get pinged because of what they do/contain to remove infection.

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33897
  • malware fighter
Re: A lot of False Positives
« Reply #4 on: December 03, 2008, 11:44:06 PM »
Hi DavidR,

Well, it is quite common that some of these tools run to cleanse malware are detected by scanners because they have similar characteristics to malware, and in the hands of the unscrupulous could be used maliciously; therefore they are flagged as "riskware".
So to say these are simple FPs is too simply put and out of perspective. This is the so-called grey area. In the mentioned case, as it is used for deleting malware, the scanners have to exclude it. But who decides between the ways these executables are used?

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!
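
Added example, not part of any post in this thread: a small triage script that groups multi-engine results like the VirusTotal listing in the first post into "malware family" names versus riskware/PUP and generic labels, which is the grey area described above. The bucket names and keyword rules are assumptions made for illustration, not vendor taxonomies; the sample rows are a subset copied from the first post.

```python
import re

# Subset of rows copied from the VirusTotal listing in the first post.
SAMPLE = """\
AntiVir    -    -    DR/Tool.Reboot.F.162
Avast    -    -    -
ClamAV    -    -    Trojan.Killproc-1
F-Secure    -    -    Rogue:W32/IeDefender.CT
Kaspersky    -    -    not-a-virus:RiskTool.Win32.Reboot.f
McAfee    -    -    potentially unwanted program PrcViewer
NOD32    -    -    Win32/PrcView
Sunbelt    -    -    Trojan.FakeAlert
TrendMicro    -    -    PAK_Generic.001
VBA32    -    -    BackDoor.IRC.Chazz.38
"""

# Assumed keyword rules (illustrative only); the first matching rule wins.
RULES = [
    ("malware-family", re.compile(r"trojan|backdoor|rogue|adware|fakealert", re.I)),
    ("riskware/PUP", re.compile(
        r"not[-_]a[-_]virus|risktool|potentially unwanted|prcview|(^|[./])tool\.", re.I)),
    ("generic/heuristic", re.compile(r"suspicious|generic", re.I)),
]

def parse_rows(text):
    """Return (engine, label) pairs from 'Engine    -    -    Label' rows."""
    rows = []
    for line in text.splitlines():
        cols = re.split(r"\s{2,}", line.strip())  # columns are 2+ spaces apart
        if len(cols) >= 2 and cols[0]:
            rows.append((cols[0], cols[-1]))
    return rows

def classify(label):
    """Map one engine's verdict string to a bucket name."""
    if label == "-":
        return "no detection"
    for bucket, pattern in RULES:
        if pattern.search(label):
            return bucket
    return "unclassified"

def triage(text):
    """Group engine names by the bucket their label falls into."""
    buckets = {}
    for engine, label in parse_rows(text):
        buckets.setdefault(classify(label), []).append(engine)
    return buckets

if __name__ == "__main__":
    for bucket, engines in triage(SAMPLE).items():
        print(f"{bucket:18} {len(engines):2}  {', '.join(engines)}")
```

A split like this does not decide whether the file is safe; it only shows how many engines name a malware family and how many merely describe what the tool can do, so the hash check suggested earlier in the thread is still needed.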

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 89033
  • No support PMs thanks
Re: A lot of False Positives
« Reply #5 on: December 04, 2008, 12:45:37 AM »
I'm not the one calling them false positives, just that avast isn't calling it anything but the topic title makes it look like avast has a lot of false positives.

samuelvirucide

  • Guest
Re: A lot of False Positives
« Reply #6 on: December 04, 2008, 01:37:52 AM »
;D Hi Justin XP
What is your reason why you put smitfraudfix.exe in virus total scanner? Are you testing its reliability?
Thanks ;D

   

Offline Justin_22

  • Avast Evangelist
  • Poster
  • ***
  • Posts: 445
  • Free your soul and let it fly
Re: A lot of False Positives
« Reply #7 on: December 04, 2008, 03:16:39 AM »
DavidR, I wasn't saying that Avast! has a lot of False Positives; I should have made the name of the topic clarify what the post contained more. And SamuelVirucide, I uploaded SmitfraudFix.exe to virustotal because it was flagged by Kaspersky online scanner 7 as a "HackTool" and was interested to see how many scanners flagged it as malware.

-Justin