Hi guy i dont know if this is true of my Malwarebytes found again the endbuild.bat as a Trojan:FakeAlert again… Should i send the file to the chest and send to Avast! for a analysis ?
Mr.Agent
PS : I hope im in the right section for post this again…
Sorry to double post but its mark it as a virus when i do only quick scan or full scan. Other wise when i right click and scan with Malwarebytes its didnt detect it as a virus… Please help me.
A false positive is when a virusscanner flags a dll, executable, process or anything else as malware and it is not malware but legit. Then we speak of a false positive. False positives is a risk of every scanner because malware and normal software can share the same heuristic characteristics, can use the same packers or “crypters” and then an anti virus scanner or anti-malware scanner can flag it. FP’s cannot always be avoided and sometimes it also depends on what the scanner sees as malcode. There is also a grey area for tools that can be legit in the hands of the user that has installed it himself, a so-called risktool (some flag netcat, Fport, MozillaCacheViewer from NirSoft (Tool-NirCmd (A or 3), etc.
A FP is really a problem when a virus scanner starts to flag and quarantine a file that is essential for the right functioning of the OS, it can then cripple it or cause a Blue Screen of Death even.
I know the makers of avast are always very keen to repair alleged FP’s and very often they come repaired in a next update of the iAVS. You can update a file that you think could be a FP to virustotal.com for a second op check against several scanners.