Author Topic: Why so much false positives?  (Read 959 times)

Offline kinemitor

Why so much false positives?
« on: October 23, 2016, 08:00:25 PM »
I recently installed CCAV because I don't need a firewall or a full antivirus, as they are a waste of resources, and CIS doesn't allow you to install only Defense+, which is what I want; CCAV is the closest to it.
I love how it works, sending everything to the sandbox by default.
But now the problem comes, and it has a name: "Valkyrie". CCAV wanted to do a full scan even though I didn't want one. After it was done, there were 400+ files to be analyzed, 1 malicious (false positive) and 3 trusted. After 3 days it has 337/10/147 in the same order, but all 10 of those malicious ones are false.
So I was checking the Valkyrie analysis to see what it considers so malicious.
Everything is clean except this in the static analysis:

*Header Checksum is zero!*
Can anyone explain what it is and why Valkyrie considers it a threat?

Here are some examples of the false positives, only to name a few.
There are several more, and the number is increasing. I don't know if some have already been checked by a human, but that is not the point.

Note: I am not whining about the antivirus, and I have already reported all of them as false positives.
This is only a question about how things work and why the paranoia is still not fixed.
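For readers who want to check what the "Header Checksum is zero" finding quoted above refers to, here is an added example (not part of the original post and not Comodo's code) that reads the checksum stored in a Windows executable's header and recomputes it, so an unset field can be told apart from a wrong one. It assumes the finding means the `CheckSum` field of the PE optional header; the function names and the header-only sample buffer are constructed for illustration.

```python
import struct

CHECKSUM_OFFSET = 64  # CheckSum offset inside the optional header (PE32 and PE32+)

def checksum_field_offset(data):
    """File offset of OptionalHeader.CheckSum, after validating MZ/PE headers."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)
    off = e_lfanew + 4 + 20 + CHECKSUM_OFFSET  # signature + COFF header
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0" or off + 4 > len(data):
        raise ValueError("missing or truncated PE header")
    return off

def stored_checksum(data):
    return struct.unpack_from("<I", data, checksum_field_offset(data))[0]

def computed_checksum(data):
    """Recompute the checksum: folded 16-bit word sum plus file size."""
    off = checksum_field_offset(data)
    buf = bytearray(data)
    buf[off:off + 4] = b"\0\0\0\0"      # the field itself is excluded
    buf += b"\0" * (len(buf) % 2)       # pad odd-sized files
    total = 0
    for (word,) in struct.iter_unpack("<H", buf):
        total += word
        total = (total & 0xFFFF) + (total >> 16)   # fold the carry back in
    total = (total & 0xFFFF) + (total >> 16)
    return (total + len(data)) & 0xFFFFFFFF

def classify(data):
    stored = stored_checksum(data)
    if stored == 0:
        return "unset"
    return "valid" if stored == computed_checksum(data) else "mismatch"

def make_sample(checksum=0, size=160):
    """Constructed, header-only PE-like buffer (not a real executable)."""
    buf = bytearray(size)
    buf[0:2] = b"MZ"
    struct.pack_into("<I", buf, 0x3C, 0x40)      # e_lfanew
    buf[0x40:0x44] = b"PE\0\0"
    struct.pack_into("<H", buf, 0x58, 0x10B)     # PE32 magic
    struct.pack_into("<I", buf, 0x98, checksum)  # CheckSum field
    return bytes(buf)

if __name__ == "__main__":
    for value in (0, 0xA188, 0x1234):
        print(hex(value), classify(make_sample(value)))
```

To inspect a real file, pass its bytes to `classify`, for example `classify(open(path, "rb").read())`.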
