Author Topic: False Positive?? (Read 2265 times)

wildthing1968 · « **on:** April 29, 2009, 07:38:25 PM »

Hi

I have had a few reports of Win32:Vitro on my computer but a scan with Kaspersky came up blank. I subsequently sent one of the file to VirusTotal to have it scanned by a few scanners. The only ones to find anything was Avast and Gdata. I find it difficult to believe that out of 40 scanners only 2 find a virus. http://www.virustotal.com/analisis/b66ac7a5544ffe0b9d1a8dd30b93be66

I was wondering if anyone else had seen any false positives before I start reformatting every computer on the network.

Cheers

Maxx_original · « **Reply #1 on:** April 29, 2009, 07:59:52 PM »

it could be a previously infected and disinfected set of files... i have seen some samples, which were disinfected with some 3rd party tool, but were not fully cleaned from all virut traces... these files are not dangerous, but the remaining (inactive) parts of the previous infection can trigger the avast warning..

wildthing1968 · « **Reply #2 on:** April 30, 2009, 09:53:35 AM »

I just noticed it says "contains SAMPLE of "win32:Vitro"". Would this mean it only contains part of the original virus? If not, is there any way to tell if it's a real infection or just a remnant.

Thanks

Author Topic: False Positive?? (Read 2265 times)

wildthing1968

False Positive??

Maxx_original

Re: False Positive??

wildthing1968

Re: False Positive??