Messages - Faergor

1
Are all 41 of my detections false positives?
Are there no real ones among them?
Just want to make sure, just in case :).
Thanks

2
Oh, I see. And are they related to Microsoft Edge?
And is it a similarly big amount of detections like mine?
Like 20-50?

3
Do you also have 41 detections?
And are all related to Microsoft Edge (with a few mentions of Skype and one folder Microsoft?)

Can you perhaps have a look at my uploaded file (report from RogueKiller scan) and see whether our detections match?

4
Hello, so I scan my PC regularly and don't visit dangerous websites (and don't even use Microsoft Edge, only very very rarely). I updated RogueKiller with the new database, I suppose at least; it doesn't say so, but it always updates regularly. During this scan it doesn't show that it has been updated though.
RogueKiller says this about the current version: 20211022_080253 (outdated, 20211025_113801). Not sure which one is the new one or the old one.
Probably the newest one; the scan says that I have 20211025_113801. I suppose it scanned my PC with this update. I updated it manually, and it is showing me these 41 detections again.

Anyways, I am attaching the file. Is this real or a false positive?
I suppose a false positive, just want to make sure. Never seen so many detections before. I have not deleted them yet.



I am scanning my PC with RogueKiller, Avast, ESET Online Scanner (the one with one time use), MBAR and Malwarebytes. So far, it seems like only RogueKiller detected this.

What is going on please?
Thanks

5
Hello, not sure how I managed to visit this website. I was on the Fanatical website (a website that sells game bundles), and whether I somehow accidentally typed it or what, I managed to get to hxxp://www.x.com/ .

Does anyone have any idea what this website is and if it is safe? It is marked as unverified, but does not have anything there, except for one X.

Thanks.

Moderation edit : Neutered link with hxxp.

6
RogueKiller / Is this false positive please?
« on: June 12, 2020, 01:04:33 am »
Hello,
RogueKiller found this, not sure what it is supposed to be. Is this a false positive please? May it be related to PSO2 Tweaker to install Phantasy Star Online 2? I used it a few hours ago.
I am uploading report file here.
Thank you.

7
RogueKiller / Has there been update 14.4.0.0 ?
« on: April 01, 2020, 01:02:51 pm »
Because RogueKiller reports that there is, while the website where I download it says the most current version is still 14.3.0.0.

I am a little bit freaked out. I use ESET Online Scanner (one time antivirus scanner), Avast, Malwarebytes, RogueKiller, Malwarebytes MBAR (anti rootkit).

Today is weird. ESET suddenly needed an update, and after the update it acts weird, it doesn't even launch. Then Avast suddenly needed a critical update, RogueKiller says that it has a new update 14.4.0.0 while the website says the newest update is still 14.3.0.0, and when installing the new version it asks a weird thing, that it needs to shut down Windows Explorer and Total Commander in order to install.

Is all of that normal, and is there also a new update for RogueKiller?

Thanks

8
Hi,
I installed Conqueror's Blade on Steam and this is what RogueKiller found.
>>>>>> XX - Software
  [PUP.MailRU (Potentially Malicious)] (X64) HKEY_USERS\S-1-5-21-2670024213-1291369441-4136216571-1001\Software\GameCenter -- N/A -> Found

I am attaching the report from RogueKiller as well.

This is a false positive, correct?
Conqueror's Blade uses their own launcher, and also installs an anti cheat system.

Thanks

9
RogueKiller / Re: Trojan Flystudio False positive or real?
« on: April 06, 2019, 03:57:17 pm »
Sure, thanks :).

10
RogueKiller / Re: Trojan Flystudio False positive or real?
« on: April 05, 2019, 12:19:45 pm »
I would also like to ask.
Avast was mentioned here:
Trojan.FlyStudio, C:\WINDOWS\TEMP\AVAST_ASH2\WINRAR ARCHIVER (64 BIT)\WINRAR-X64-570CZ.EXE, No Action By User, [8009], [664683],1.0.10008

Could it have been modified somehow and therefore RogueKiller reports it as an old version, or does it report it incorrectly? Thanks

11
RogueKiller / Trojan Flystudio False positive or real?
« on: April 05, 2019, 12:50:56 am »
Hello,
I scanned my computer with RogueKiller, ESET Online Scanner, Malwarebytes, Malwarebytes MBAR.
Malwarebytes MBAR found this as an infected file. The file is located in the WinRAR folder and is called Default.SFX.
I uploaded the file to VirusTotal and more antivirus programs picked it up.
https://www.virustotal.com/#/file/0a2484026f989bbc29caba5873ac9c0a64ecad529b76f08a50cb1ec470b04453/detection

Then I scanned my computer with Malwarebytes and it caught this:

Trojan.FlyStudio, C:\PROGRAMDATA\MALWAREBYTES' ANTI-MALWARE (PORTABLE)\DEFAULT.SFX-K.MBAM, No Action By User, [8009], [664683],1.0.10008
Trojan.FlyStudio, C:\PROGRAMDATA\MALWAREBYTES' ANTI-MALWARE (PORTABLE)\DEFAULT.SFX-U.MBAM, No Action By User, [8009], [664683],1.0.10008
Trojan.FlyStudio, C:\WINDOWS\TEMP\AVAST_ASH2\WINRAR ARCHIVER (64 BIT)\WINRAR-X64-570CZ.EXE, No Action By User, [8009], [664683],1.0.10008

I am attaching the file.
Is this a false positive or real, please? Thanks.

12
RogueKiller / Re: [PUM.StartMenu (Potentially Malicious)]
« on: February 18, 2019, 10:19:19 pm »
Oh, ok, so it's safe :).
Thanks a lot, again :D

13
RogueKiller / Re: [PUM.StartMenu (Potentially Malicious)]
« on: February 18, 2019, 10:35:03 am »
This is the second log.

14
RogueKiller / [PUM.StartMenu (Potentially Malicious)]
« on: February 18, 2019, 10:34:40 am »
Hello, I scanned my computer with RogueKiller and it showed this. Is this a false positive, please?

I have 2 logs, one was found at first, and the other one later. I don't think they are identical.

I will upload the other log in the next reply.

15
RogueKiller / Re: MBR:Yurn-A (RTK) in new RGK signatures
« on: February 15, 2019, 08:38:01 pm »
Ok :)
I am very very sorry for asking so many questions. I think I may be annoying with them sometimes. I am the kind of person who needs reassurance and explanation :).

I greatly appreciate your help and support. Thanks a lot.
In that case I will completely ignore the detection :)
