Jump to content


Photo

False Positive


  • Please log in to reply
17 replies to this topic

#1 Indra Ramadhan

Indra Ramadhan

    Active Member

  • Members
  • PipPipPip
  • 73 posts
  • LocationIndonesia
  • OS:Windows 7 x64
  • AV:PCMAV
  • HIPS:Windows Firewall
  • Other:KompasAV, EEK

Posted 09 July 2012 - 05:08 PM

Sorry If my english is Bad. I received report from people if "RTPshell.exe" as a malware "Malware.Win32.AMN!A2". File "RTPshell.exe" from this AV : http://www.mediafire...ra8bvgrq50j14cj
Result VT-Scan : https://www.virustot...sis/1341797480/


Please remove this false positive
Regards
Indra

image.jpg

 

Kompas_Antivirus_Signature.png


#2 Elise

Elise

    Forum Veteran

  • Emsisoft Employee
  • 4313 posts
  • LocationRomania
  • OS:Windows 7 x64

Posted 09 July 2012 - 05:57 PM

Thank you for your submission. The detection has been removed in the latest update.
Best regards,

Elise van Dorp [Malware Research]

Emsisoft Team - http://www.emsisoft.com

#3 Indra Ramadhan

Indra Ramadhan

    Active Member

  • Members
  • PipPipPip
  • 73 posts
  • LocationIndonesia
  • OS:Windows 7 x64
  • AV:PCMAV
  • HIPS:Windows Firewall
  • Other:KompasAV, EEK

Posted 14 July 2012 - 06:16 PM

I received report from people if "RTPshell.exe" as a malware "Win32.SuspectCrc!IK". File "RegistryFixer.dll" from this AV : http://www.mediafire...ra8bvgrq50j14c
Report Virustotal : https://www.virustot...sis/1342284742/

image.jpg

 

Kompas_Antivirus_Signature.png


#4 Elise

Elise

    Forum Veteran

  • Emsisoft Employee
  • 4313 posts
  • LocationRomania
  • OS:Windows 7 x64

Posted 14 July 2012 - 07:12 PM

This is an Ikarus detection, I will forward your report to them so it can be taken care of.
Best regards,

Elise van Dorp [Malware Research]

Emsisoft Team - http://www.emsisoft.com

#5 Indra Ramadhan

Indra Ramadhan

    Active Member

  • Members
  • PipPipPip
  • 73 posts
  • LocationIndonesia
  • OS:Windows 7 x64
  • AV:PCMAV
  • HIPS:Windows Firewall
  • Other:KompasAV, EEK

Posted 12 May 2013 - 08:22 AM

File "Cure.dll", part file from PC Media Antivirus has detected "Generic.Malware.SPDHVhidPkTkWkg.6D033034 (B)" from VirusTotal Result : https://www.virustot...sis/1368342972/

File cure.dll : http://www.sendspace.com/file/rlkj6z


image.jpg

 

Kompas_Antivirus_Signature.png


#6 Elise

Elise

    Forum Veteran

  • Emsisoft Employee
  • 4313 posts
  • LocationRomania
  • OS:Windows 7 x64

Posted 12 May 2013 - 11:14 AM

Hello,

Many thanks for the reported file. Because this is a detection by our BitDefender engine, I will forward the file to them. Any false-positive found during analysis will be fixed ASAP.


Best regards,

Elise van Dorp [Malware Research]

Emsisoft Team - http://www.emsisoft.com

#7 Indra Ramadhan

Indra Ramadhan

    Active Member

  • Members
  • PipPipPip
  • 73 posts
  • LocationIndonesia
  • OS:Windows 7 x64
  • AV:PCMAV
  • HIPS:Windows Firewall
  • Other:KompasAV, EEK

Posted 25 May 2013 - 04:52 PM

File "Cure.dll", part file from PC Media Antivirus has detected "Generic.Malware.SPDHVhidPkTkWkg.CFED11BA (B)" from VirusTotal Result : https://www.virustot...sis/1369496984/

 


image.jpg

 

Kompas_Antivirus_Signature.png


#8 Arief Prabowo

Arief Prabowo

    Forum Veteran

  • Emsisoft Employee
  • 2752 posts
  • LocationIndonesia

Posted 25 May 2013 - 05:31 PM

Hello,

many thanks for your submission.

Since the reported file was detected by our BitDefender engine, therefore we will forward this to BitDefender.

Any false positive detections that may found will be fixed as soon as possible.


Best regards,

Arief Prabowo [Research]

Emsisoft Team - http://www.emsisoft.com


#9 Indra Ramadhan

Indra Ramadhan

    Active Member

  • Members
  • PipPipPip
  • 73 posts
  • LocationIndonesia
  • OS:Windows 7 x64
  • AV:PCMAV
  • HIPS:Windows Firewall
  • Other:KompasAV, EEK

Posted 26 May 2013 - 03:02 AM

File "Cure.dll" old version has detected "Generic.Malware.SPDHVhidPkTkWkg.0ED463CF (B)" from VirusTotal Result : https://www.virustot...sis/1369533083/


image.jpg

 

Kompas_Antivirus_Signature.png


#10 Arief Prabowo

Arief Prabowo

    Forum Veteran

  • Emsisoft Employee
  • 2752 posts
  • LocationIndonesia

Posted 26 May 2013 - 07:38 AM

Terima kasih! I will forward this file to Bitdefender as well for their analysis.


Best regards,

Arief Prabowo [Research]

Emsisoft Team - http://www.emsisoft.com


#11 Indra Ramadhan

Indra Ramadhan

    Active Member

  • Members
  • PipPipPip
  • 73 posts
  • LocationIndonesia
  • OS:Windows 7 x64
  • AV:PCMAV
  • HIPS:Windows Firewall
  • Other:KompasAV, EEK

Posted 27 May 2013 - 03:57 AM

Sama-sama Pak Bowo :D

I want to attact file "cure.dll" used on version 8.8 on our program has detected "Generic.Malware.SPDHVhidPkTkWkg.00419221 (B) from VirusTotal Result : https://www.virustot...sis/1369623211/

 

Sorry inconvenient, Terima Kasih :)


image.jpg

 

Kompas_Antivirus_Signature.png


#12 Arief Prabowo

Arief Prabowo

    Forum Veteran

  • Emsisoft Employee
  • 2752 posts
  • LocationIndonesia

Posted 27 May 2013 - 04:49 AM

Thanks for your report. The file will be checked.

 

For false-positive detections that caused by our BitDefender engine, you can also report it directly on their false-positive forum.

 

http://forum.bitdefe...c&showforum=138


Best regards,

Arief Prabowo [Research]

Emsisoft Team - http://www.emsisoft.com


#13 Indra Ramadhan

Indra Ramadhan

    Active Member

  • Members
  • PipPipPip
  • 73 posts
  • LocationIndonesia
  • OS:Windows 7 x64
  • AV:PCMAV
  • HIPS:Windows Firewall
  • Other:KompasAV, EEK

Posted 04 July 2013 - 10:31 AM

Reported False Positive  Trace.File, log scan in attachment,

Reported Behavior Blocker log scan, whether including false positive? because all program in log scan is safe.


image.jpg

 

Kompas_Antivirus_Signature.png


#14 Arief Prabowo

Arief Prabowo

    Forum Veteran

  • Emsisoft Employee
  • 2752 posts
  • LocationIndonesia

Posted 04 July 2013 - 12:04 PM

Hello,

many thanks for your report. The traces will be checked.

Any false positive detections that may found will be fixed as soon as possible.

 

Regarding the behavior blocker, it is not a false positive, since it's based on application behavior. If you trust the application, you can always click the "Allow" check box so the application can continue the process.


Best regards,

Arief Prabowo [Research]

Emsisoft Team - http://www.emsisoft.com


#15 Indra Ramadhan

Indra Ramadhan

    Active Member

  • Members
  • PipPipPip
  • 73 posts
  • LocationIndonesia
  • OS:Windows 7 x64
  • AV:PCMAV
  • HIPS:Windows Firewall
  • Other:KompasAV, EEK

Posted 10 July 2013 - 04:33 AM

In Online Armor Anti Keylogger, Game House File report detected as keylogger. I already allow, Please Fix detection.


image.jpg

 

Kompas_Antivirus_Signature.png


#16 Indra Ramadhan

Indra Ramadhan

    Active Member

  • Members
  • PipPipPip
  • 73 posts
  • LocationIndonesia
  • OS:Windows 7 x64
  • AV:PCMAV
  • HIPS:Windows Firewall
  • Other:KompasAV, EEK

Posted 25 October 2013 - 09:58 AM

False Positive


image.jpg

 

Kompas_Antivirus_Signature.png


#17 Arief Prabowo

Arief Prabowo

    Forum Veteran

  • Emsisoft Employee
  • 2752 posts
  • LocationIndonesia

Posted 25 October 2013 - 11:48 AM

Thanks for your report. The file will be checked.


Best regards,

Arief Prabowo [Research]

Emsisoft Team - http://www.emsisoft.com


#18 Indra Ramadhan

Indra Ramadhan

    Active Member

  • Members
  • PipPipPip
  • 73 posts
  • LocationIndonesia
  • OS:Windows 7 x64
  • AV:PCMAV
  • HIPS:Windows Firewall
  • Other:KompasAV, EEK

Posted 17 November 2013 - 04:12 PM

False Positive : Trojan.GenericKDV.1391068 (B)


image.jpg

 

Kompas_Antivirus_Signature.png





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users