« previous next »
Pages: [1]   Go Down

Author Topic: X-COM Files executable giving me a false positive: W32/exploit.gen  (Read 7665 times)

Offline Slaughter

  • Colonel
  • ****
  • Posts: 282
    • View Profile
X-COM Files executable giving me a false positive: W32/exploit.gen
« on: March 20, 2018, 10:26:28 am »
Anyone getting such false positives? Got it from Panda Antivirus
Logged

Offline Meridian

  • Global Moderator
  • Commander
  • *****
  • Posts: 9084
    • View Profile
Re: X-COM Files executable giving me a false positive: W32/exploit.gen
« Reply #1 on: March 20, 2018, 10:33:22 am »
Yes, 5 of 10 antivirus programs flag any new version as a virus.
After 2-3 weeks some of them realize how stupid it is and stop doing that.... some don't.
Logged

KZad Bhat

  • Guest
Re: X-COM Files executable giving me a false positive: W32/exploit.gen
« Reply #2 on: March 20, 2018, 01:26:45 pm »
I looked up the particular virus, and found this link.

https://einsteinathome.org/content/panda-antivirus-detecting-w32exploitgen
Logged

Offline Meridian

  • Global Moderator
  • Commander
  • *****
  • Posts: 9084
    • View Profile
Re: X-COM Files executable giving me a false positive: W32/exploit.gen
« Reply #3 on: March 20, 2018, 01:29:19 pm »
It's not a particular virus... even the name says it is just a placeholder for any "generic exploit".

The antivirus just has some heuristics, which detect anything even remotely dangerous... and will flag any such (usually new) executables, until they are whitelisted by enough user votes as false positives.
Logged

Offline yrizoud

  • Commander
  • *****
  • Posts: 1014
    • View Profile
Re: X-COM Files executable giving me a false positive: W32/exploit.gen
« Reply #4 on: March 20, 2018, 11:49:34 pm »
The description of this "exploit" is very broad. Maybe they mean "This uses sprintf(). If the developers are not careful, they can shoot themselves in the foot".
Logged

KZad Bhat

  • Guest
Re: X-COM Files executable giving me a false positive: W32/exploit.gen
« Reply #5 on: March 21, 2018, 01:50:19 am »
I was figuring it just had to mean there's some string of code that could do something it's not supposed to. I do remember having a keygen that I had to set an exception for, but then a keygen does have an algorithm similar to what you get in a password cracker, so it was pretty much a duh it would get reported.
Logged

Offline MFive

  • Captain
  • ***
  • Posts: 95
  • Lazy Sectoid
    • View Profile
Re: X-COM Files executable giving me a false positive: W32/exploit.gen
« Reply #6 on: April 11, 2018, 02:37:48 am »
Using Avast! Anti-virus and never have issues. It is free. Hope this helps.
Logged

KZad Bhat

  • Guest
Re: X-COM Files executable giving me a false positive: W32/exploit.gen
« Reply #7 on: April 11, 2018, 08:21:17 am »
Every anti-virus gets false positives from time to time. The more new software you try, to more likely you are to run across it. What everyone finding this issue means is Panda is running an algorithm that aggressively spots code related to this issue, whether it's actually dangerous, or close to, or just contains a string that can be used maliciously even if it's not actually used in this case. Avast will do it too, and I bet if you do a search for 'Avast false positives' you'll find a lot on it. The only real way to make sure there's not false positives is to scale back the aggressiveness of the security software until it won't report anything that's less than a 100% certainty, which will greatly increase the number of false negatives.
Logged
Pages: [1]   Go Up
« previous next »