Prevx CSI

[Guest]

[grayhair]

   I recently ran Prevx CSI on one of my Vista machines.  It says I am "infected" w/Trojan horses C:\Windows\system32\drivers\ipinip.sys, and ~\drivers\blbdirve.sys.  No other scan shows this to be the case.  Is Prevx prone to false positives, and am I chasing my tail?

[aXes]

I have an experience with PrevX's false positive result. I scanned a computer with it and it saw some fonts as trojan. Their extensions were TTF. These were normal windows fonts.

Blbdriver.sys (you have syntax error) is related to Microsoft Vista software. Ipinip.sys is IP in IP Encapsulation Driver of MS Windows.

aXes

[grayhair]

   Thanks for response aXes.  The syntax error is a typing error--my Typing Class teacher (yes, it was called Typing Class back then) did not believe boys belonged in her classroom, so I blame my typing mistakes on her (or, is it my big fat fingers?).  Prevx did want my money to "fix" these issues. Since no other scan sees them as bad I will chock it up to false positives (aimed at my wallet).

   Thank you and cheers.          

[aXes]

You are welcome!

aXes

[Vettetech]

Upload it here.

http://www.virustotal.com/

[Info-Sec]

   I recently ran Prevx CSI on one of my Vista machines.  It says I am "infected" w/Trojan horses C:\Windows\system32\drivers\ipinip.sys, and ~\drivers\blbdirve.sys.  No other scan shows this to be the case.  Is Prevx prone to false positives, and am I chasing my tail?

When I upload to virus total and Prevx returns the file as a virus, and no other vendor says it is, I ignore prevx.

IT HAS BEEN KNOWN, that prevx returns false positives.  I would NOT take prevx's word over:

*avira
*NOD 32
*Avast!

Or several other scanning engines.

[Tags:]