Author Topic: Proc.Run.PE - false positive? (Read 8436 times)

cinder · « **on:** January 28, 2018, 03:29:14 AM »

Hi team,

Could you please let me know if this is a false positive? I am getting '[6692] svchost.exe; C:\Windows\System32\scvhost.exe'

I read another thread where you addressed this and I downloaded Process Explorer and I found process 6692, however it was listed as Google Chrome. There were many instances of svchost.exe so I did not know which to create the dump file.

Any help please?

Thanks.

Curson · « **Reply #1 on:** January 28, 2018, 02:20:07 PM »

Hi cinder,

Please reboot your computer and redo a scan. Don't delete/terminate anything.
Then, please post the JSON scan report with your next reply.

Regards.

cinder · « **Reply #2 on:** January 29, 2018, 12:19:25 AM »

Hi Curson,

I did this and the scan was fine. All ok then?

Thanks.

Curson · « **Reply #3 on:** January 29, 2018, 08:44:13 PM »

Hi cinder,

Yes. A svchost process had propably crashed and had to be relanched.
Please post again if the issue still happens.

Regards.

cinder · « **Reply #4 on:** January 29, 2018, 11:13:51 PM »

No worries, thanks for the help!

Curson · « **Reply #5 on:** January 30, 2018, 01:35:07 PM »

Hi cinder,

You are very welcome.

Regards.

Author Topic: Proc.Run.PE - false positive? (Read 8436 times)

cinder

Proc.Run.PE - false positive?

Curson

Re: Proc.Run.PE - false positive?

cinder

Re: Proc.Run.PE - false positive?

Curson

Re: Proc.Run.PE - false positive?

cinder

Re: Proc.Run.PE - false positive?

Curson

Re: Proc.Run.PE - false positive?