LinuxQuestions.org

Gregg Bell 11-14-2019 02:20 PM

How to determine if something is a false positive in a scan?
 
On my VirusTotal scans of files I keep running into one scanner finding something. I want to get this writing software yWriter http://www.spacejock.com/yWriter6.html and I've run the Linux zip file, the .exe file from the Linux zip file and the Windows .exe and VT has returned these three things respectively:

  1. Suspicious.low.ml.score
  2. Malicious.high.ml.score
  3. W32.HfsIemusi.


I read somewhere to drop the .exe file onto hybridanalysis.com but is it safe? https://www.hybrid-analysis.com/

A lot of writers use yWriter6, should I just ignore all the warnings?

And what's the best way to determine if something is a false positive or malware?

Thanks.

frankbell 11-14-2019 07:36 PM

You could try submitting them to another scanner for comparison, such as Symantec or Trendmicro:

https://www.symantec.com/security-ce...-virus-samples

https://success.trendmicro.com/solut...g-threat-query

Gregg Bell 11-14-2019 09:03 PM

Quote:

Originally Posted by frankbell (Post 6057897)
You could try submitting them to another scanner for comparison, such as Symantec or Trendmicro:

https://www.symantec.com/security-ce...-virus-samples

https://success.trendmicro.com/solut...g-threat-query

Thanks a lot, Frank. I bookmarked the sites. (The Trend Micro looks a little more user friendly.) Good to know about these places. Thanks for passing them along. :)

frankbell 11-14-2019 09:18 PM

You are most welcome.


All times are GMT -5.