Author Topic: ===> False Positives <===  (Read 194818 times)

0 Members and 1 Guest are viewing this topic.

Reply #420July 07, 2020, 08:13:46 pm

Mops21

  • Jr. Member

  • Offline
  • **

  • 61
  • Reputation:
    0
    • View Profile
Re: ===> False Positives <===
« Reply #420 on: July 07, 2020, 08:13:46 pm »
Hi

Thank you very much for your Infos

And have you any Infos for the Xvirus and for the XSec Antivirus Samples that I upload here for me

With best Regards
Mops21

Reply #421July 07, 2020, 09:24:56 pm

Curson

  • Global Moderator
  • Hero Member

  • Offline
  • *****

  • 2481
  • Reputation:
    84
    • View Profile
Re: ===> False Positives <===
« Reply #421 on: July 07, 2020, 09:24:56 pm »
Hi Mops21,

You are very welcome.
No, not yet.

Regards.

Reply #422July 08, 2020, 07:36:52 pm

Mops21

  • Jr. Member

  • Offline
  • **

  • 61
  • Reputation:
    0
    • View Profile
Re: ===> False Positives <===
« Reply #422 on: July 08, 2020, 07:36:52 pm »
Hi

Thank you very much for your Infos

With best Regards
Mops21

Reply #423August 17, 2020, 05:57:31 am

kinglan10

  • Newbie

  • Offline
  • *

  • 2
  • Reputation:
    0
    • View Profile
Re: ===> False Positives <===
« Reply #423 on: August 17, 2020, 05:57:31 am »
Hey I'm new here and I think I may have gotten a false positive using roguekiller. I hope I'm getting this reporting thing right

RogueKiller Anti-Malware V14.6.3.0 (x64) [Aug 10 2020] (Free) by Adlice Software
mail : https://adlice.com/contact/
Website : https://adlice.com/download/roguekiller/
Operating System : Windows 10 (10.0.18363) 64 bits
Started in : Normal mode
User : IVES [Administrator]
Started from : C:\Program Files\RogueKiller\RogueKiller64.exe
Signatures : 20200813_142051, Driver : Loaded
Mode : Standard Scan, Scan -- Date : 2020/08/16 23:19:16 (Duration : 00:29:27)
Switches : -minimize

いいいいいいいいいいいい Processes いいいいいいいいいいいい

いいいいいいいいいいいい Process Modules いいいいいいいいいいいい

いいいいいいいいいいいい Services いいいいいいいいいいいい

いいいいいいいいいいいい Tasks いいいいいいいいいいいい

いいいいいいいいいいいい Registry いいいいいいいいいいいい

いいいいいいいいいいいい WMI いいいいいいいいいいいい

いいいいいいいいいいいい Hosts File いいいいいいいいいいいい

いいいいいいいいいいいい Files いいいいいいいいいいいい
[Tr.Gen (Malicious)] (file) pbsvc.exe -- (Even Balance, Inc.) C:\Windows\SysWOW64\pbsvc.exe -> Found

いいいいいいいいいいいい Web browsers いいいいいいいいいいいい

いいいいいいいいいいいい Antirootkit : 0 (Driver: Loaded) いいいいいいいいいいいい





So yeah, this may be a false positive I think, the VT score is "not scanned" btw, though I do have the file quarantined rn just in case.
« Last Edit: August 17, 2020, 06:38:40 am by kinglan10 »

Reply #424August 17, 2020, 10:07:26 am

Curson

  • Global Moderator
  • Hero Member

  • Offline
  • *****

  • 2481
  • Reputation:
    84
    • View Profile
Re: ===> False Positives <===
« Reply #424 on: August 17, 2020, 10:07:26 am »
Hi kinglan10,

Welcome to Adlice.com Forum and thanks for your feedback.

This detection is indeed a false positive and will be removed in the next signature definitions package.
In the meantime, you can safetly restore this file from the quarantine area.

Regards.

Reply #425August 18, 2020, 04:04:02 am

kinglan10

  • Newbie

  • Offline
  • *

  • 2
  • Reputation:
    0
    • View Profile
Re: ===> False Positives <===
« Reply #425 on: August 18, 2020, 04:04:02 am »
Hi kinglan10,

Welcome to Adlice.com Forum and thanks for your feedback.

This detection is indeed a false positive and will be removed in the next signature definitions package.
In the meantime, you can safetly restore this file from the quarantine area.

Regards.



Hello Curson, thank you for the reply. :)
I'm glad this file was a picked up merely as a false positive, I'll be restoring this file back to it's location.

Take care sir.

Reply #426August 18, 2020, 01:10:52 pm

Curson

  • Global Moderator
  • Hero Member

  • Offline
  • *****

  • 2481
  • Reputation:
    84
    • View Profile
Re: ===> False Positives <===
« Reply #426 on: August 18, 2020, 01:10:52 pm »
Hi kinglan10,

You are very welcome.
Take care, too.

Regards.