Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.


Messages - Ransom

Pages: [1]
1
RogueKiller / Re: ===> False Positives <===
« on: September 09, 2024, 09:16:30 PM »
Actually, I was busy with something completely different and came across this article...

https://www.adlice.com/google-chrome-secure-preferences/

...which in turn made me curious about RogueKiller.

I used it on my main system (Win10x64 Pro) and found a (single) malware (see also attached report): In the file folder C:\Program Files\Firefox is supposedly the "potential malware" PUP.Ghokswa. I uninstalled Firefox completely and reinstalled it - result: PUP.Ghokswa is still (or again) in the file folder C:\Program Files\Firefox.

I then ran RogueKiller in three VMs: Win7x64, Win8.1x64 and Win10x64. In all three VMs, RogueKiller found the "potential malware" PUP.Ghokswa in the file folder C:\Program Files\Firefox (see attached reports*).

Can I assume that these reports are false positives?

Regards,
Ransom

* Although RogueKiller offers to export a report as a text file, this does not work. It only works as a *.json file. The text files here were converted with the following online converter:

https://products.aspose.app/cells/de/conversion/json-to-text

Pages: [1]