Author Topic: ===> False Positives <===  (Read 170159 times)

0 Members and 2 Guests are viewing this topic.

Reply #405December 05, 2019, 08:06:44 pm

techknowledge

  • Newbie

  • Offline
  • *

  • 5
  • Reputation:
    0
    • View Profile
Re: ===> False Positives <===
« Reply #405 on: December 05, 2019, 08:06:44 pm »
I change the script frequently.
Is the file pattern something I can set on my side?

Reply #406December 06, 2019, 07:01:36 pm

Tigzy

  • Administrator
  • Hero Member

  • Offline
  • *****

  • 873
  • Reputation:
    91
  • Personal Text
    Owner, Adlice Software
    • View Profile
    • Adlice Software
Re: ===> False Positives <===
« Reply #406 on: December 06, 2019, 07:01:36 pm »
Hey,
We've actually fixed it on our side, it will be in next release.
Regards,

Reply #407December 14, 2019, 04:13:33 pm

Mops21

  • Jr. Member

  • Offline
  • **

  • 55
  • Reputation:
    0
    • View Profile
Re: ===> False Positives <===
« Reply #407 on: December 14, 2019, 04:13:33 pm »
Hi

Can you check this 1 File please

With best Regards
Mops21

Reply #408December 16, 2019, 09:36:20 pm

Curson

  • Global Moderator
  • Hero Member

  • Offline
  • *****

  • 2396
  • Reputation:
    83
    • View Profile
Re: ===> False Positives <===
« Reply #408 on: December 16, 2019, 09:36:20 pm »
Hi Mops21,

Thanks for your feedback.
This file will be investigated as soon as possible.

Regards.

Reply #409December 19, 2019, 03:11:35 pm

Mops21

  • Jr. Member

  • Offline
  • **

  • 55
  • Reputation:
    0
    • View Profile
Re: ===> False Positives <===
« Reply #409 on: December 19, 2019, 03:11:35 pm »
Hi

Thank you very much for your Infos

Any new Infos about this avail鐩ble

And here is the Homepage of the product for you the Version 5 is in Beta available for that you must contact them for it

https://xvirus.net/xvirus-personal-firewall

With best Regards
Mops21

Reply #410December 19, 2019, 09:10:59 pm

Curson

  • Global Moderator
  • Hero Member

  • Offline
  • *****

  • 2396
  • Reputation:
    83
    • View Profile
Re: ===> False Positives <===
« Reply #410 on: December 19, 2019, 09:10:59 pm »
Hi Mops21,

This file is detected by MalPE, an heuristic-based detection engine.
It's quite hard to say what triggered the detection, and we are in the process of rewriting the heuristic model used by MalPE, so a fix probably won't be released shortly.

That being said, for the time being, I suggest you to exclude Xvirus Personal Firewall installer and related files using RogueKiller "Exclusion" module.

Regards.

Reply #411December 30, 2019, 01:01:27 pm

Mops21

  • Jr. Member

  • Offline
  • **

  • 55
  • Reputation:
    0
    • View Profile
Re: ===> False Positives <===
« Reply #411 on: December 30, 2019, 01:01:27 pm »
Hi

Thank you very much for your Infos

Any new Infos about the Xvirus File available

And can you check the 2 File from the Xsec Antivirus please too

https://www.sendspace.com/file/5pr7wp

And here is the Homepage of it for you

https://www.xsecantivirus.com/

https://www.xsecantivirus.com/support/contact.aspx

With best Regards
Mops21

Reply #412December 30, 2019, 09:42:21 pm

Curson

  • Global Moderator
  • Hero Member

  • Offline
  • *****

  • 2396
  • Reputation:
    83
    • View Profile
Re: ===> False Positives <===
« Reply #412 on: December 30, 2019, 09:42:21 pm »
Hi Mops21,

No fix for this specific detection was released, yet.
The two files you submitted trigger MalPE the same way the installer do. The new model should also get rid of these false positives as well.

Regards.

Reply #413January 05, 2020, 11:40:53 pm

Ashazy1234

  • Newbie

  • Offline
  • *

  • 2
  • Reputation:
    0
    • View Profile
Re: ===> False Positives <===
« Reply #413 on: January 05, 2020, 11:40:53 pm »
Yeah.Dont post the same problem again and again.

Reply #414February 07, 2020, 02:09:21 am

graphixillusion

  • Newbie

  • Offline
  • *

  • 12
  • Reputation:
    0
    • View Profile
Re: ===> False Positives <===
« Reply #414 on: February 07, 2020, 02:09:21 am »
Hi there. I'm reporting this false positive. This process/service is the Stablebit Scanner for hdd health monitoring.

Here the official site:
https://stablebit.com/Scanner

This is the roguekiller log:

中中中中中中中中中中中中 Process Modules 中中中中中中中中中中中中
[Cloud.Generic (Malicious)] Scanner.Service.Native.exe (4780) -- C:\Program Files (x86)\StableBit\Scanner\Service\Scanner.Service.Native.exe -> Found

中中中中中中中中中中中中 Services 中中中中中中中中中中中中
[Cloud.Generic (Malicious)] ScannerServiceNative (4780) -- "C:\Program Files (x86)\StableBit\Scanner\Service\Scanner.Service.Native.exe" -> Found

Thank you!


Reply #415February 07, 2020, 06:38:26 pm

Curson

  • Global Moderator
  • Hero Member

  • Offline
  • *****

  • 2396
  • Reputation:
    83
    • View Profile
Re: ===> False Positives <===
« Reply #415 on: February 07, 2020, 06:38:26 pm »
Hi graphixillusion,

Thanks for your feedback.
Could you please attach the JSON report with your next reply ?

Regards.

Reply #416February 07, 2020, 11:26:39 pm

graphixillusion

  • Newbie

  • Offline
  • *

  • 12
  • Reputation:
    0
    • View Profile
Re: ===> False Positives <===
« Reply #416 on: February 07, 2020, 11:26:39 pm »
Could you please attach the JSON report with your next reply ?

Sure. Here the interesting part in JSON format.

Reply #417February 08, 2020, 01:19:54 am

Curson

  • Global Moderator
  • Hero Member

  • Offline
  • *****

  • 2396
  • Reputation:
    83
    • View Profile
Re: ===> False Positives <===
« Reply #417 on: February 08, 2020, 01:19:54 am »
Hi graphixillusion,

Thanks for your feedback.
We will whitelist it as soon as possible.

Regards.