Thursday, January 31, 2008

False/Positive Detection of WinPatrol by Kaspersky & Prevx1

Kaspersky and Prevx1 users need not be concerned if WinPatrol pops up in a scan by either software. This is a false/positive and has been reported.

The results of an upload of WinPatrol to VirusTotal currently yield the following results:
Kaspersky 2008.01.31 not-a-virus:AdWare.Win32.DealHelper.ak

Prevx1 V2 2008.01.31 Heuristic: Suspicious Hijacker
This isn't the first time this has happened. It seems to accompany a WinPatrol update. See


Kaspersky removed the Patrol Setup.exe from their definitions but Prevx1 is still showing it as "Prevx1 V2 2008.01.26 Heuristic: Suspicious Hijacker". At least I an understand this since "WinPatrol uses a heuristic behavioral approach to detecting attacks and violations of your computing environment." However, it would be better if Prevx whitelisted it.

Update 01Feb08:

Prevx responded and has added WinPatrol to their white listed.

Many thanks to both Kaspersky and Prevx for responding so quickly.

Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

1 comment:

Bill Pytlovany said...

And thanks to Corrine and others who followed up with the companies. At the time I was attending an AntiSpyware conference in D.C with limited wireless acceess in the bowls of the Capital Hyatt.