Author Topic: ===> False Positives <===  (Read 351620 times)

0 Members and 3 Guests are viewing this topic.

Reply #435September 09, 2024, 09:16:30 PM

Ransom

  • Newbie

  • Offline
  • *

  • 1
  • Reputation:
    0
    • View Profile
Re: ===> False Positives <===
« Reply #435 on: September 09, 2024, 09:16:30 PM »
Actually, I was busy with something completely different and came across this article...

https://www.adlice.com/google-chrome-secure-preferences/

...which in turn made me curious about RogueKiller.

I used it on my main system (Win10x64 Pro) and found a (single) malware (see also attached report): In the file folder C:\Program Files\Firefox is supposedly the "potential malware" PUP.Ghokswa. I uninstalled Firefox completely and reinstalled it - result: PUP.Ghokswa is still (or again) in the file folder C:\Program Files\Firefox.

I then ran RogueKiller in three VMs: Win7x64, Win8.1x64 and Win10x64. In all three VMs, RogueKiller found the "potential malware" PUP.Ghokswa in the file folder C:\Program Files\Firefox (see attached reports*).

Can I assume that these reports are false positives?

Regards,
Ransom

* Although RogueKiller offers to export a report as a text file, this does not work. It only works as a *.json file. The text files here were converted with the following online converter:

https://products.aspose.app/cells/de/conversion/json-to-text
« Last Edit: September 09, 2024, 09:26:10 PM by Ransom »