False positives on .exe?

03-04-2011, 05:15 AM #1

The Open Minded

☮✌Peace Maker✌☮

2,022

Posts

6,347

Reputation

0

Credits

Premium

Jan 2011

NextGenUpdate

(adsbygoogle = window.adsbygoogle || []).push({}); Is there any way to differentiate between an actual virus and a false positive on a .exe keygen?

(adsbygoogle = window.adsbygoogle || []).push({});

03-09-2011, 10:12 PM #20

David.

Do a barrel roll!

61

Posts

56

Reputation

0

Credits

Member

Jan 2011

NextGenUpdate

Originally posted by microcell

hmm im not sure... it could be...
i dont use anti virus because it deletes files i want to keep :p

AV killers in my experience is just ending procceses of the anti virus and an check every second to see if they are enabled again so it can close it again..
also an easy way to check is your infected is just look if your built-in windows fire wall is still enabled, if it is not and it was before without you turning it off yourself you can be sure your infected ;o

That is a good point. Common tactic is disabling windows firewall, not sure about Windows defender for Vista and 7 though.

03-10-2011, 08:05 PM #21

Oneup

Guest

n/a

Posts

n/a

Reputation

n/a

Credits

Member

Once upon a time...

NextGenUpdate

Originally posted by Tuhoaja

No

I didnt know that either.
But I tested Dereks crypted iStealer server...
And I had all firewalls and anti-virs on and I ran it Sandboxed.
None of av's detected it, and it send my passwords to Derek.

I guess the better question is do you know how to setup a fire wall. Because you can have it so only certain applications can go out and have all ports still be closed. And anything not on the list won't go out.

As for false positives, generally if it says it's a virus, it's just best to not deal with it, key gens don't really generate a key rather they pull from a list of keys. This doesn't really prove true to those who have to also spit out an activation number (ie cs2) but 90% of them are like that