Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: I hate false positives


08 Jul 2013   #1

Windows 7 Home Premium x64
 
 
I hate false positives

Malware is bad, but false positives are almost as bad, in my experience.

I know no single antimalware is perfect, and free programs aren't near the quality of pay programs, and you often have to run 2 or more to find everything. MSE is.... well, it's free and part of Window sand while it offers live protection and is okay at catching a lot of bad stuff, I've had a few false positives with it, generally jpeg files and it only happens on occasion. I think it's an instance of the new definitions set having a bug that flags an image file the second it's created on the hard drive. It's happened... maybe 3 times for me and I know the files were safe otherwise.

I haven't had a malware infection for months. I was clean as of March, at the very least. I run MSE, Malwarebytes and SAS, with TDSSkiller on hand. I run a scan once a week and, at most, I find the same few tracking cookies. Between Adblock Plus, NoScript and Spybot's immunizations, I'm dodging the stuff the infects through browsers.

This morning I was playing freeware game Gungirl 2 on my secondary Dell XP computer, and on exiting the game I get a popup that says "stdst.exe has stopped working". A program not quitting right on exit isn't a big deal in itself, I've gotten somewhat used to it for certain games, especially freeware titles... Google that up and find lots of mentions of malware. So I have to run scans on both PCs and files on the Dell were taken off the Gateway.

EXCEPT I'm not infected as it seems stdst.exe is also a legit part of Multimedia Fusion and games made with it tend to have that internal program name- which likely explains why the program's icon in the notice box was that of the game. So I spent 15 minutes freaking out over nothing, apparently.

My System SpecsSystem Spec
.

08 Jul 2013   #2

Win 7 Pro x64 SP1, Win 7 Ult x86 SP1
 
 

I agree false positives are a problem.
When you find a questionable file, you can upload it to VirusTotal.
That will scan it with a LOT of scanners.
If only 1 or 2 show an issue while 40+ say it's ok, it's probably an FP.
https://www.virustotal.com/en/

Upload your stdst.exe and see what VT reports...
My System SpecsSystem Spec
08 Jul 2013   #3

Windows 7 Pro. 64/SP-1
 
 

David could you explain the method of uploading to VirusTotal. I have never got it to work.
My System SpecsSystem Spec
.


08 Jul 2013   #4

W7 Pro SP1 64bit
 
 

Quote   Quote: Originally Posted by Layback Bear View Post
David could you explain the method of uploading to VirusTotal. I have never got it to work.
If by "never got it to work" you mean that you encounter a problem during the upload process - then that is happening to several people that use IE10. The work around is to try again or use another browser.

I hate false positives-ie10-virustotal.png


My System SpecsSystem Spec
08 Jul 2013   #5

Windows 7 Pro. 64/SP-1
 
 

I use Firefox.
Let me try to explain.
Lets say I want to upload aaaaa.exe
Where on my computer do I copy/paste aaaaa.exe to able to upload to that site. It won't let me just type it in or copy/paste.
What method do you use?
My System SpecsSystem Spec
08 Jul 2013   #6

W7 Pro SP1 64bit
 
 

I select Choose File...

Name:  IE10-Virustotal.png
Views: 1
Size:  26.1 KB

...and then navigate my way to the file.


My System SpecsSystem Spec
08 Jul 2013   #7

Win 7 Pro x64 SP1, Win 7 Ult x86 SP1
 
 

I use the Choose File and navigate to it...same as Usernameissues
I use Firefox...
My System SpecsSystem Spec
08 Jul 2013   #8

Win 7 Pro x64 SP1, Win 7 Ult x86 SP1
 
 

I just tried Left mouse clicking in the VT file selection field.
It opened the File Upload (Explorer) window to the directory I last uploaded a file from.
My System SpecsSystem Spec
08 Jul 2013   #9

Windows 7 Pro. 64/SP-1
 
 

I'm thick headed so Bear with me. The file is not on my computer.
I have to copy/paste from a post and put it somewhere and then upload to virustotal.
This from post #1
stdst.exe

I know I'm missing some stupid little step somehow.
My System SpecsSystem Spec
08 Jul 2013   #10

Win 7 Pro x64 SP1, Win 7 Ult x86 SP1
 
 

If I understand correctly, you want to scan a file that is not on your computer.
I've never done that, but I found this in the VT documentation:
They have an "Uploader" utility program you can install that may do what you want.

Quote:
Fetching and scanning online files

Another handy option will have VirusTotal fetch and scan an online file without you even having to download it first. Type in the URL, or right-click it and choose "Copy link location" to cut and paste it, and then click the Get and upload button. The file will skip through your computer's memory, but will never be saved to your hard drive (by default). You will get the usual list of results and can then decide whether you want the download.
Source: https://www.virustotal.com/en/docume...total-uploader
My System SpecsSystem Spec
Reply

 I hate false positives




Thread Tools



Similar help and support threads for2: I hate false positives
Thread Forum
Malwarebytes Update causes Massive false positives. Security News
Malwarebytes false positives? System Security
False Positives: When Antivirus Goes Wrong Security News
Cascading false positives. Security News
a-square false positives? System Security
Avast update fixes false positives System Security
malwarebytes DB error false positives System Security

Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 03:43 PM.
Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App
  

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33