Recent Posts

Pages: 1 [2] 3 4 ... 10
11
RogueKiller / Re: MBR:Yurn-A (RTK) in new RGK signatures
« Last post by Faergor on February 15, 2019, 08:38:01 pm »
Ok:)
I am very very sorry for asking so many questions. I think I may be annoying with them sometimes. I am kind of a person who needs reassurement and explanation :).

I greatly appreciate your help and support. Thanks a lot.
In that case I will completely ignore the detection :)
12
RogueKiller / Re: MBR:Yurn-A (RTK) in new RGK signatures
« Last post by Curson on February 15, 2019, 07:46:58 pm »
Hi Faergor,

Don't worry, I understand you want to know what exactly happened to feel safe.
Quote
It is a line of code you put in rgk signatures that is used to detect specific viruses, such as the one that showed up on avast and avg
Exactly. So, following your first and second questions : it was not a virus but code used in signatures.

Regarding your third question, I think AVG did check the file for this specific malware pattern and without understanding it was part of a signature, labelled it as the real deal.
And about your fourth question, yes, your computer is safe.

Regards.
13
RogueKiller / Re: MBR:Yurn-A (RTK) in new RGK signatures
« Last post by Faergor on February 15, 2019, 07:28:56 pm »
Oh, ok, so in other words:
It is a line of code you put in rgk signatures that is used to detect specific viruses, such as the one that showed up on avast and avg.

1. So, it was not virus at all that I found, but only line  of code you put in signatures used to detect it.
2. So I never had virus at all?
3. Why have they mentioned that detection was real and not false positive then?
4. Should I ignore this detection completely, im safe,right?:)

Thanks and again sorry for so many questions, this freaked me out.
14
RogueKiller / Re: MBR:Yurn-A (RTK) in new RGK signatures
« Last post by Curson on February 15, 2019, 07:19:52 pm »
Hi Faergor,

Yes, we unzipped it before the analysis.
What AVG means is that the file does contains malware code, but it's inactive. Such code is used in signatures to detect the live malware.
I advise you to read this article for better understanding : What Is a Virus Signature?

Regards.
15
RogueKiller / Re: MBR:Yurn-A (RTK) in new RGK signatures
« Last post by Faergor on February 15, 2019, 06:50:44 pm »
I received reply from AVG.

"Hello,

Thank you for contacting AVG.

Our virus specialists have been working on this request and they confirmed this detection is correct.

We understand it is unpleasant, and we will be happy to analyze the file again as soon as it matches our guidelines. Please refer to the following article about the AVG virus policy"


I think they mean the file was not false positive, but actual virus.
I uploaded the file here:
https://www.avg.com/en-us/false-positive-file-form

I had a false positive form picked. I explained the issue to them as well. That happened yesterday.

1.You guys of course scanned the file unzipped,right? It is not detectable when zipped.
2.have they made a mistake with the detection? I think they say it is a real threat, while you say its not.

What should I do? Ignore what they said? How come it showed up as a virus and they claim its real?
Thanks :)

16
RogueKiller / Re: MBR:Yurn-A (RTK) in new RGK signatures
« Last post by Faergor on February 15, 2019, 04:44:23 pm »
One thing popped my mind.
Stupid question, Im sure for 99,99% that you did,but:
You scanned the file I uploaded unzipped,right?:D

I was not able to detect it with avast when it was zipped, once I unzipped it, it was detected by avast right away (the previous versions that were detectable)

Thanks and sorry for so many (and some stupid) questions :D
17
RogueKiller / Re: ===> False Positives <===
« Last post by Curson on February 15, 2019, 03:44:45 pm »
Hi Mops21,

You are welcome.
We had an issue with the signatures package. This will be fixed as soon as possible.

Regards.
18
RogueKiller / Re: MBR:Yurn-A (RTK) in new RGK signatures
« Last post by Curson on February 15, 2019, 03:43:33 pm »
Hi Faergor,

You are very welcome.
Thanks for the kind words.

Regards.
19
Malware removal help / Re: Rapport de roguekiller
« Last post by Curson on February 15, 2019, 03:37:33 pm »
Bonjour,

Bienvenue sur le forum Adlice.

360 Total Security n'est pas un malware, vous pouvez le désinstaller via l'utilitaire Windows.
En revanche, le fichier détecté par RogueKiler est effectivement douteux.

Téléchargez Farbar Recovery Scan Tool (x64) et enregistrez-le sur le Bureau.
  • Faites un clic droit sur le fichier téléchargé (FRST64.exe) et choisissez "Exécuter en tant qu'administrateur". Quand l'outil démarre, cliquez sur Oui pour accepter les termes de la fenêtre Disclaimer (clause de non-responsabilité).
  • Cliquez sur le bouton Scan.
  • L'outil va créer un fichier rapport [log] nommé FRST.txt situé dans le dossier depuis lequel l'outil s'exécute.
  • Copiez/collez ce rapport dans votre prochaine réponse.
  • La première fois où l'outil est exécuté, il crée un autre rapport nommé Addition.txt - situé également dans le même dossier que FRST64.exe. Copiez/collez également ce rapport dans votre réponse.
Meilleures salutations.
20
RogueKiller / Re: ===> False Positives <===
« Last post by Mops21 on February 15, 2019, 12:23:46 pm »
Hi Curson

Thank you very much for your Infos

Can you check this too

The signature are from 10.02.2019 but we have in Germany 15.02.2019 please check and fix

With best Regards
Mops21
Pages: 1 [2] 3 4 ... 10