Author Topic: Continued False Positive  (Read 8919 times)

0 Members and 1 Guest are viewing this topic.

August 03, 2018, 05:05:23 AM

Pkshadow

  • Newbie

  • Offline
  • *

  • 5
  • Reputation:
    0
    • View Profile
Continued False Positive
« on: August 03, 2018, 05:05:23 AM »
Continued False Positive of Firefox.  Submitted last time and was told prob went to a site that had EICAR on it.

Unfortunately I do not think that is the case.  I may do Support for Firefox but not been to many sites today
That could possibly have done that to Firefox.exe and it is marking all Processes 7 as Eicar.
Norton Internet Security full system scan today, Malwarebytes early eve daily and uploaded to Virus Total.
Nothing found.

 

Reply #1August 03, 2018, 12:21:55 PM

Curson

  • Global Moderator
  • Hero Member

  • Offline
  • *****

  • 2809
  • Reputation:
    100
    • View Profile
Re: Continued False Positive
« Reply #1 on: August 03, 2018, 12:21:55 PM »
Hi Pkshadow,

Welcome to Adlice.com Forum.
Could you please clear Firefox Cache, then redo a scan and check if the detection is still present ?

Regards.

Reply #2August 04, 2018, 02:16:49 AM

Pkshadow

  • Newbie

  • Offline
  • *

  • 5
  • Reputation:
    0
    • View Profile
Re: Continued False Positive
« Reply #2 on: August 04, 2018, 02:16:49 AM »
Hi, Cache cleaned 2 x's already, cookies cleaned 2x's.
Ms Disk Cleanup run.
Norton Utilities Privacy scan & empty done.

Found again.

Reply #3August 04, 2018, 02:22:48 AM

Curson

  • Global Moderator
  • Hero Member

  • Offline
  • *****

  • 2809
  • Reputation:
    100
    • View Profile
Re: Continued False Positive
« Reply #3 on: August 04, 2018, 02:22:48 AM »
Hi Pkshadow,

We need to retrieve more information.
Please follow the following process :
  • Download Process Explorer (x64) and save it to your desktop.
  • Click on the setup file (procexp64.exe) and select Run as Administrator to start the tool.
  • Locate the process named firefox.exe, do a right click on it and select Create Dump > Create Full Dump...
  • Save the dump on your desktop and compress it.
  • Upload it to Dropbox, Google Drive or similar services and share the link in your next reply.
Regards.

Reply #4August 04, 2018, 02:55:05 AM

Pkshadow

  • Newbie

  • Offline
  • *

  • 5
  • Reputation:
    0
    • View Profile
Re: Continued False Positive
« Reply #4 on: August 04, 2018, 02:55:05 AM »
Hi, you can close this. It is memory resident, same as last time.  Gone after reboot, open Firefox then close, and then scan and is clear.

Has to be some site am not suspecting as did not travel far.  Thanks

Reply #5August 04, 2018, 07:11:45 PM

Curson

  • Global Moderator
  • Hero Member

  • Offline
  • *****

  • 2809
  • Reputation:
    100
    • View Profile
Re: Continued False Positive
« Reply #5 on: August 04, 2018, 07:11:45 PM »
Hi Pkshadow,

Thanks for your feedback.
You are very welcome.

Regards.