Topic: ===> False Positives <===

Reply #360 on: June 15, 2019, 06:30:17 PM

Curson (Global Moderator)

Hi Mops21,

The two compressed files in the Recycle Bin are not false positives. These are EICAR test files for antivirus.
Could you please make a zip archive of the content of the following folder and attach it with your next reply?
Quote
C:\Users\Alexander Robrecht\AppData\Local\Phrozen

Regards.

Reply #361 on: June 15, 2019, 07:32:40 PM

Mops21

Hi Curson

Yes here are the Files for you

https://www.sendspace.com/file/xg6rbp

With best Regards
Mops21

Reply #362 on: June 15, 2019, 07:41:26 PM

Curson (Global Moderator)

Hi Mops21,

Thanks.
Is any of this software installed on your computer?
Quote
Winja
Windows File Tools
Windows Privacy Tweaker
RunPE Detector
Shortcut Scanner
ADS Revealer

Regards.

Reply #363 on: June 16, 2019, 12:16:04 PM

Mops21

Hi Curson

Yes here are the Files for you

Look in this Thread for that

https://malwaretips.com/threads/winja-7-0b.93186/

I have only Winja installed

With best Regards
Mops21

Reply #364 on: June 16, 2019, 06:15:18 PM

Curson (Global Moderator)

Hi Mops21,

Thanks for your feedback.
This directory will be whitelisted in the next malware definition update.

Regards.

Reply #365 on: June 17, 2019, 11:12:06 AM

Mops21

Hi Curson

Thank you very much for your Infos

See this Link again the answer from Tigzy

https://malwaretips.com/threads/winja-7-0b.93186/

I have deleted my 2 other eicar test files from my System and it is no clean

With best Regards
Mops21

Reply #366 on: June 17, 2019, 10:17:31 PM

Curson (Global Moderator)

Hi Mops21,

This directory is not detected anymore in the current malware definition database.
Could you please check that you use the latest version?

Regards.

Reply #367 on: July 05, 2019, 02:12:22 PM

eurekaa

Yeah really need solution for that

Reply #368 on: July 05, 2019, 02:12:57 PM

eurekaa

need solution for same

Reply #369 on: July 05, 2019, 08:32:41 PM

Curson (Global Moderator)

Hi eurekaa,

Welcome to Adlice.com Forum.
Could you please attach the RogueKiller full report with your next reply?

Regards.

Reply #370 on: July 15, 2019, 06:41:53 PM

Mops21

Hi

Can you check these files please? See the 2 screenshots.

With best Regards
Mops21

Reply #371 on: July 15, 2019, 09:50:21 PM

Curson (Global Moderator)

Hi Mops21,

Thanks for your feedback.
These files are all false positives, currently detected by the MalPE detection engine (still in beta).

Could you please make an archive containing a copy of all of them and attach it with your next reply?
Analysing them will help us improve the detection accuracy.

Regards.

Reply #372 on: July 16, 2019, 07:54:53 AM

Melecoton

Hi,

Today I updated the program to V13.3.2 with MalPE V2, and it detected 12 elements. Can you please check this? I attach the screenshot and the report.

I tried to make a copy of the files to attach them but it was impossible; it is the first time I see files like that, I'm sorry.

Thanks,

Regards.

PS: Lately I have to start the program in compatibility mode (Windows eight) to get it to run, (I have Windows 10 version 1809).
« Last Edit: July 16, 2019, 08:10:31 AM by Melecoton »

Reply #373 on: July 16, 2019, 01:15:14 PM

Curson (Global Moderator)

Hi Melecoton,

Welcome to Adlice.com Forum.
All these detections are false positives.

Thanks for your feedback.

Regards.

Reply #374 on: July 16, 2019, 04:22:06 PM

Tigzy (Administrator; Owner, Adlice Software)

Hey,
Just so you all know, MalPE is still in beta. This module works with a predictive AI model, and we are still training it with new samples (good/bad).
So please, while you are seeing the warning message when turning it on, don't rely strictly on the detections it generates.