Using 2013 version of the software. Today it flagged the xvid.dll and xvidcore.dll files in my Windows 7 system32 directory. The last modified dates for the DLLs were from 2004, and this isn't the first time I've gotten false positives with SecureAnywhere 2013, and at least one of the other incidents was also for the W32.Malware.Gen.
In the past they were pretty much associated with downloaded executables, and I didn't mind deleting them, since they were usually older archived versions; but I wasn't about to delete any DLLs without rechecking. A Webroot rescan picked up the same files. I then scanned the directory with Emsisoft's malware detector, and it found nothing.
I'm becoming concerned about these false positives. Are others finding this happening repeatedly?
----------------------------------------------------------------------------------------------------------------------------------------
[b] c:\windows\system32\xvid.dll [MD5: 4581AC2AAD750548AC6B4AA6A06D1926] [Flags: 00080000.11333] [Threat: W32.Malware.Gen]
[b] c:\windows\system32\xvidcore.dll [MD5: 06E70FF8D74F243C32BC38E00837E193] [Flags: 00080000.11335] [Threat: W32.Malware.Gen]
Solved
Another false positive for W32.Malware.Gen - This time in xvid.dll, xvidcore.dll
Best answer by Rakanisheu Retired
Hello,
Thanks for the feedback, I have fixed those false positives and they should no longer be detected. With any AV software there will be some false positives, but we generally have a very low number of FPs considering the large volume of malware that we detect every day.
Webroot will not remove any critical Windows files that are needed for it to boot, but there is no harm in submitting a troubleshooting ticket so we can take a look at any detection if you are ever concerned. The detection name (W32.Malware.Gen) is a generic malware group name that is used by the industry.
Thanks,
Roy
Threat Research