Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

VirusTotal and false positives


  • Please log in to reply
5 replies to this topic

#1 desk7

desk7

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:10:54 PM

Posted 01 October 2017 - 12:43 PM

After CCleaner was hacked with malware, I started to scan every .exe with VirusTotal. Unfortunately it is difficult to find a completely clean file.

I've just upload firefox installer and Uplay installer (from Ubisoft) and here you have results:

https://www.virustotal.com/it/file/d3a5e796a0e07b850a150fb15230d9620d88c2b582409b4fcc22acca0c865133/analysis/1506879300/

https://www.virustotal.com/it/file/dffa2b7fd055a691e67b07f5a303b99c6482d0cf9e455525919958782a5f38f1/analysis/1506879573/

I downloaded them from official website but the episode of CCleaner teaches that it is not enough!

Are they false positive? 



BC AdBot (Login to Remove)

 


#2 desk7

desk7
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:10:54 PM

Posted 03 October 2017 - 06:11 AM

After CCleaner was hacked with malware, I started to scan every .exe with VirusTotal. Unfortunately it is difficult to find a completely clean file.

I've just upload firefox installer and Uplay installer (from Ubisoft) and here you have results:

https://www.virustotal.com/it/file/d3a5e796a0e07b850a150fb15230d9620d88c2b582409b4fcc22acca0c865133/analysis/1506879300/

https://www.virustotal.com/it/file/dffa2b7fd055a691e67b07f5a303b99c6482d0cf9e455525919958782a5f38f1/analysis/1506879573/

I downloaded them from official website but the episode of CCleaner teaches that it is not enough!

Are they false positive? 

It is probably a dumb question, but I'd like to have some answers.



#3 Umbra

Umbra

    Authorized Emsisoft Rep


  • Members
  • 139 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:54 AM

Posted 03 October 2017 - 04:32 PM

The consensus on virus total is if 90% of the results indicated it is clean, so it is a FPs.  



Emsisoft Community Manager


#4 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,597 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:04:54 PM

Posted 03 October 2017 - 06:33 PM

VirusTotal, a subsidiary of Google, is a free online service that analyzes files and URLs enabling the identification of viruses, worms, trojans and other kinds of malicious content detected by antivirus engines and website scanners. At the same time, it may be used as a means to detect false positives, i.e. innocuous resources detected as malicious by one or more scanners...VirusTotal...a tool that checks suspicious samples with several antivirus solutions and helps antivirus labs by forwarding them the malware they fail to detect...Very often antivirus solutions and URL scanners will produce false positives...VirusTotal simply acts as an information aggregator and cannot and will not be held responsible for these false positives. VirusTotal will not whitelist any files or URLs and will not remove any detections resulting from the normal operation of the products it makes use off. False positives should be dealt with the developer/company that offers the product generating the erroneous detection...VirusTotal's antivirus engines are commandline versions, so depending on the product, they will not behave exactly the same as the desktop versions...

About VirusTotal
VirusTotal FAQs
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#5 desk7

desk7
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:10:54 PM

Posted 04 October 2017 - 10:59 AM

Thanks for answers! Now I'm calm



#6 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,597 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:04:54 PM

Posted 04 October 2017 - 04:20 PM

You're welcome on behalf of the Bleeping Computer community.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users