Topic: False positive found

November 07, 2023, 04:26:17 PM

chjohans

False positive found
« on: November 07, 2023, 04:26:17 PM »
I have a directory C:\Program Files (x86)\Tools where I have various downloaded tools. At the moment it just contains another directory with the tool "GPT fdisk", a command-line partition tool: https://sourceforge.net/projects/gptfdisk/

The folder structure is "C:\Program Files (x86)\Tools\gdisk-windows-1.0.9".

Both RogueKiller and Adlice Diag will flag the *directory* "C:\Program Files (x86)\Tools" as possible malware (Adw.TopTools).

It puzzles me why you would flag a directory at all, without analyzing what's in that directory.

I just add "C:\Program Files (x86)\Tools\" to my exclusions, but that also means that if any possible future tools I put in there should contain anything suspicious then RogueKiller/Diag won't even try to catch that.

You might want to look into this.

Reply #1 November 07, 2023, 06:11:27 PM

Curson

Re: False positive found
« Reply #1 on: November 07, 2023, 06:11:27 PM »
Hi chjohans,

Thanks for your feedback.

This is part of some old detection and should have been removed already.
The next signatures batch will not detect this any more.

Regards.

Reply #2 November 08, 2023, 05:05:51 PM

chjohans

Re: False positive found
« Reply #2 on: November 08, 2023, 05:05:51 PM »
OK, thank you!

Reply #3 November 08, 2023, 05:48:18 PM

Curson

Re: False positive found
« Reply #3 on: November 08, 2023, 05:48:18 PM »
Hi chjohans,

You are welcome.

Regards.