Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.


Messages - garioch7

Pages: 1 ... 3 4 [5]
61
RogueKiller / Re: ===> False Positives <===
« on: January 23, 2019, 07:06:03 pm »
Curzon:

Thank you for your explanations, but if a file is tagged as [VT.Unknown], should RogueKiller default to removing it, if the user selects the clean?  Many users are going to think that RogueKiller has detected the file(s) as malware and be inclined to accept the default.

The content of the C:\ProgramData\Filter folder is one file: images, 12 bytes.  It is marked read-only and hidden.  The content of the file in hex is below
Code: [Select]
03 99 4B D4 20 A6 F1 7D    62 87 46 C4

I am attaching the 000.fcl file in zipped format as requested.

Thank you and have a great day.

Regards,
-Phil

62
RogueKiller / Re: ===> False Positives <===
« on: January 22, 2019, 08:00:47 pm »
I am working topic over at Bleeping Computer where RogueKiller has identified some Intuit 2018 QuickBooks files as malicious.  Please see this link.  I think that these are false positives.

I purchased a 2-year subscription for RogueKiller Premium today and scanned my computer.  It is detecting a legitimate Cyberlink file as malicious and is also going after a Bitdefender uninstaller file, some detections that it is reporting as missing.  There is also a folder detection (C:\Program Data\Filter that I regard as a possible false positive.  Scan report attached.  See these URLs for analysis of the detections:

https://www.systemlookup.com/Drivers/10335-000_fcl.html
https://www.hybrid-analysis.com/sample/401cd6a87b9bec1f027c081ad23320c91d668dc5dc7a11226493e6aa387be6b7?environmentId=100

I run Bitdefender 2019 Total Security and Malwarebytes Anti-Malware Premium, and neither program has detected any of these files.

I just registered on your Forums today.  Thank you and have a great day.

Regards,
-Phil

Pages: 1 ... 3 4 [5]