Jump to content


Photo

False Positive

Started by indra11tng, Jul 09 2012 05:08 PM

  • Please log in to reply
11 replies to this topic

#1 indra11tng

indra11tng

    New Member

  • Members
  • Pip
  • 7 posts
  • LocationIndonesia
  • OS:Windows 7 x64
  • AV:PC Media AntiVirus
  • HIPS:Windows Defender
  • Other:N-Shield

Posted 09 July 2012 - 05:08 PM

Sorry If my english is Bad. I received report from people if "RTPshell.exe" as a malware "Malware.Win32.AMN!A2". File "RTPshell.exe" from this AV : http://www.mediafire...ra8bvgrq50j14cj
Result VT-Scan : https://www.virustot...sis/1341797480/


Please remove this false positive
Regards
Indra

#2 Elise

Elise

    Forum Regular

  • Emsisoft Employee
  • 780 posts
  • LocationRomania
  • OS:Windows 7 x64

Posted 09 July 2012 - 05:57 PM

Thank you for your submission. The detection has been removed in the latest update.
Best regards,

Elise van Dorp [Malware Research]
Emsisoft Team - http://www.emsisoft.com

#3 indra11tng

indra11tng

    New Member

  • Members
  • Pip
  • 7 posts
  • LocationIndonesia
  • OS:Windows 7 x64
  • AV:PC Media AntiVirus
  • HIPS:Windows Defender
  • Other:N-Shield

Posted 14 July 2012 - 06:16 PM

I received report from people if "RTPshell.exe" as a malware "Win32.SuspectCrc!IK". File "RegistryFixer.dll" from this AV : http://www.mediafire...ra8bvgrq50j14c
Report Virustotal : https://www.virustot...sis/1342284742/

#4 Elise

Elise

    Forum Regular

  • Emsisoft Employee
  • 780 posts
  • LocationRomania
  • OS:Windows 7 x64

Posted 14 July 2012 - 07:12 PM

This is an Ikarus detection, I will forward your report to them so it can be taken care of.
Best regards,

Elise van Dorp [Malware Research]
Emsisoft Team - http://www.emsisoft.com

#5 indra11tng

indra11tng

    New Member

  • Members
  • Pip
  • 7 posts
  • LocationIndonesia
  • OS:Windows 7 x64
  • AV:PC Media AntiVirus
  • HIPS:Windows Defender
  • Other:N-Shield

Posted 12 May 2013 - 08:22 AM

File "Cure.dll", part file from PC Media Antivirus has detected "Generic.Malware.SPDHVhidPkTkWkg.6D033034 (B)" from VirusTotal Result : https://www.virustot...sis/1368342972/

File cure.dll : http://www.sendspace.com/file/rlkj6z


#6 Elise

Elise

    Forum Regular

  • Emsisoft Employee
  • 780 posts
  • LocationRomania
  • OS:Windows 7 x64

Posted 12 May 2013 - 11:14 AM

Hello,

Many thanks for the reported file. Because this is a detection by our BitDefender engine, I will forward the file to them. Any false-positive found during analysis will be fixed ASAP.


Best regards,

Elise van Dorp [Malware Research]
Emsisoft Team - http://www.emsisoft.com

#7 indra11tng

indra11tng

    New Member

  • Members
  • Pip
  • 7 posts
  • LocationIndonesia
  • OS:Windows 7 x64
  • AV:PC Media AntiVirus
  • HIPS:Windows Defender
  • Other:N-Shield

Posted 25 May 2013 - 04:52 PM

File "Cure.dll", part file from PC Media Antivirus has detected "Generic.Malware.SPDHVhidPkTkWkg.CFED11BA (B)" from VirusTotal Result : https://www.virustot...sis/1369496984/

 

Attached Files


#8 Arief Prabowo

Arief Prabowo

    Forum Veteran

  • Emsisoft Employee
  • 1621 posts
  • LocationIndonesia

Posted 25 May 2013 - 05:31 PM

Hello,

many thanks for your submission.

Since the reported file was detected by our BitDefender engine, therefore we will forward this to BitDefender.

Any false positive detections that may found will be fixed as soon as possible.


Best regards,

Arief Prabowo [Research]
Emsisoft Team - http://www.emsisoft.com
Posted Image

#9 indra11tng

indra11tng

    New Member

  • Members
  • Pip
  • 7 posts
  • LocationIndonesia
  • OS:Windows 7 x64
  • AV:PC Media AntiVirus
  • HIPS:Windows Defender
  • Other:N-Shield

Posted 26 May 2013 - 03:02 AM

File "Cure.dll" old version has detected "Generic.Malware.SPDHVhidPkTkWkg.0ED463CF (B)" from VirusTotal Result : https://www.virustot...sis/1369533083/

Attached Files

  • Attached File  cure.zip   437.17K   4 downloads

#10 Arief Prabowo

Arief Prabowo

    Forum Veteran

  • Emsisoft Employee
  • 1621 posts
  • LocationIndonesia

Posted 26 May 2013 - 07:38 AM

Terima kasih! I will forward this file to Bitdefender as well for their analysis.


Best regards,

Arief Prabowo [Research]
Emsisoft Team - http://www.emsisoft.com
Posted Image

#11 indra11tng

indra11tng

    New Member

  • Members
  • Pip
  • 7 posts
  • LocationIndonesia
  • OS:Windows 7 x64
  • AV:PC Media AntiVirus
  • HIPS:Windows Defender
  • Other:N-Shield

Posted 27 May 2013 - 03:57 AM

Sama-sama Pak Bowo :D

I want to attact file "cure.dll" used on version 8.8 on our program has detected "Generic.Malware.SPDHVhidPkTkWkg.00419221 (B) from VirusTotal Result : https://www.virustot...sis/1369623211/

 

Sorry inconvenient, Terima Kasih :)

Attached Files

  • Attached File  cure.zip   432.08K   4 downloads

#12 Arief Prabowo

Arief Prabowo

    Forum Veteran

  • Emsisoft Employee
  • 1621 posts
  • LocationIndonesia

Posted 27 May 2013 - 04:49 AM

Thanks for your report. The file will be checked.

 

For false-positive detections that caused by our BitDefender engine, you can also report it directly on their false-positive forum.

 

http://forum.bitdefe...c&showforum=138


Best regards,

Arief Prabowo [Research]
Emsisoft Team - http://www.emsisoft.com
Posted Image
Back to False positives


0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Emsisoft Support Forums
  2. Company & Products
  3. False positives
  4. Privacy Policy
  5. Terms of Use ·