Announcement

Collapse
No announcement yet.

How to report False Positive to us?

Collapse
This topic is closed.
X
This is a sticky topic.
X
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • #61
    IObit Security 360 Beta 3.1 Updated today
    OS Windows 7 Build 7100

    Detection: Dropper.Zlob, File E:\USBstick\waol\0.4334.34.7\comps\unagi\ampx.english.exe (I don't know why the forum software inserts a space into english, it isn't in the filename or the Reply box)

    Note: Still checking scan results (results not yet saved). File is part of AOL installer (I don't use AOL but have some clients that do :(). Virustotal scan = clean.

    EDIT, 2nd FP.
    Detection: TrojanIESecurityPro File: cmdow.exe

    Note: See CMDOW Commandline Window Utility Basically, cmdow.exe can be used to hide a command window when you create a custom (unattended) program install. Virustotal scan 22/41
    Last edited by satrow; Aug. 11th, 2009, 16:24.

    Comment


    • #62
      Originally posted by Tim Xue View Post
      Before reporting a false positive, please save a scan report first and post it here. This will help us know the detailed information about the scan result.
      hello sir i have recently installed IObit security 360 beta 3.1
      all the time full scan shows following report
      IObit Security 360

      OS:Windows Vista
      Version:0.3.1.20
      Define Version:1115
      Time:11-08-2009 23:27:27

      |Name|Type|Description|ID|
      Trojan.Agent - Quarantined, File, C:\Windows\system32\CONSOLE32.dll, 4-4460,

      when i tried to delete this from quarentine it shows deleted but file persists
      & it shows this file is in use by several other important programs.
      i have nortan 360 antivirus .
      plz solve the matter & mail me
      thanks in advance

      Comment


      • #63
        report false positive

        Originally posted by Tim Xue View Post
        Before reporting a false positive, please save a scan report first and post it here. This will help us know the detailed information about the scan result.
        hello sir i have recently installed IObit security 360 beta 3.1
        all the time full scan shows following report
        IObit Security 360

        OS:Windows Vista
        Version:0.3.1.20
        Define Version:1115
        Time:11-08-2009 23:27:27

        |Name|Type|Description|ID|
        Trojan.Agent - Quarantined, File, C:\Windows\system32\CONSOLE32.dll, 4-4460,

        when i tried to delete this from quarentine it shows deleted but file persists
        & it shows this file is in use by several other important programs.
        i have nortan 360 antivirus .
        plz solve the matter & mail me
        thanks in advance

        Comment


        • #64
          FPs?
          Code:
          Hijack.ControlPanelStyle, Registry Value, HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer Value=ForceClassicControlPanel, 4-22723
          Code:
          Hijack.Help, Registry Data, HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer Value=NoSMHelp, 6-86
          Code:
          Hijack.StartMenu, Registry Data, HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced Value=Start_ShowHelp, 6-677

          Comment


          • #65
            False positives

            All given clean bill of health by Virus Total (except tracking cookie)

            IObit Security 360

            OS:Windows XP
            Version:0.3.1.20
            Define Version:1118
            Time:15/08/2009 17:20:27

            |Name|Type|Description|ID|
            Tracking Cookies, Cookies, Cookie:open@atdmt.com/, 7-1545
            Keylogger.BrowserPal, File, D:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\GAGC5XON\confpg_promobullet[1].gif, 9-74249
            Win32.Virus.SpyBouncer, File, D:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\IUJGDCC1\purpbox_04[1].gif, 9-90560
            Worm.BrowserPal, File, D:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\O30CV7DA\btn2_orng_cnrbot_r_conf[1].gif, 9-72145
            Rogue.Sality, File, D:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\T8EU0FXH\purpbox_02[1].gif, 9-96024
            Trojan.Winlogon, File, D:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\UOGUVOKI\conf_toolbarpic_v2[1].jpg, 9-66258
            Worm.PCSpy, File, D:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\UOGUVOKI\purpbox_05[1].gif, 9-70597
            Win32.Virus.TargetAd, File, D:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\YOJ59X0P\purpbox_12[1].gif, 9-7846

            Comment


            • #66
              is this a virus/worm?

              i have run iobit 360 numerous times now and everytime it piks up this............IObit Security 360

              OS:Windows XP
              Version:0.3.1.20
              Define Version:1119
              Time:8/15/2009 21:43:09

              |Name|Type|Description|ID|
              Trojan.Ezula, File, C:\System Volume Information\_restore{81FE96A8-1949-4304-9A31-882752BBE8E0}\RP71\A0085860.dll, 9-91414


              why cant i get rid of it? please help

              Comment


              • #67
                Disable/Enable the System Restore Utility to flush old infected restore points

                1) Right click the My Computer icon on the Desktop and click on Properties.
                2) Click on the System Restore tab.
                3) Put a check mark next to Turn off System Restore on All Drives
                4) Click the OK button.
                5) You will be prompted to restart the computer. Click the Yes button.

                Now re-enable System Restore

                To re-enable the System Restore Utility, follow steps one to five and on step three remove the check mark next to 'Turn off System Restore on All Drives'.

                1) Right click the My Computer icon on the Desktop and click on Properties.
                2) Click on the System Restore tab.
                3) Remove the check mark next to Turn off System Restore on All Drives
                4) Click the OK button.
                .
                Malware Removal Assistance
                Usage of IObit Products

                Comment


                • #68
                  An old Borland runtime library

                  IObit Security 360

                  Betriebssystem:Windows 2000
                  Version:0.3.1.20
                  Define Version:1119
                  Zeit:16.08.2009 18:48:13

                  |Name|Typ|Beschreibung|ID|
                  Trojan.Suspicious.Zlob, File, C:\Programme\X-Setup\bin\rtl60.bpl, 9-95036


                  This is part of the latest version (6.3) of Xteq X-Setup which came for free.
                  Available at http://www.tucows.com/preview/219636.

                  I've got a german version of Win2k. To avoid misunderstandings I'll write the following info from file propertieswithout any attempt to translate it:

                  Dateiversion: 6.0.6.240
                  Beschreibung: Borland Component Package
                  Copyright: Copyright © 1997-2002 Borland Software Corporation

                  Firmenname Borland Software Corporation
                  Interner Name VCL60
                  Originaldateiname: VCL60.BPL
                  Produktname: Borland Package Library
                  Produktversion: 6.0
                  Sprache: Englisch (USA)

                  Virustotal gives 0/41 hits.

                  Comment


                  • #69
                    Still getting this false positive. Given that "Spyware Vanisher" has never been installed on my system, AND given that the only program installed on my system, on the date given by Windows for when this was installed, was Security 360, I am absolutely certain this is an error.

                    IObit Security 360

                    OS:Windows XP
                    Version:0.3.1.20
                    Define Version:1119
                    Time:8/16/2009 4:25:34 PM

                    |Name|Type|Description|ID|
                    Unwanted.SpywareVanisher, File, C:\WINDOWS\iun6002.exe, 4-33609

                    Comment


                    • #70
                      Possible False Positive.

                      I scanned this file with VirusTotal.com,Jotti's malware scan and NoVirusThanks.org and none of the 40 scanners reported any malware.


                      Win32.Aliser.8364, File, C:\Program Files\outlook Express\setup50.exe, 12-528

                      Comment


                      • #71
                        fALS pOSITIVE FOR THESE TWO FILES

                        I PUT THESE TWO FILETO AVIRA ANLANISE
                        but two of thme not inculd any virus or trojan
                        Trojan.Banker.Bancos.eil"C:\WIDNOWS\SYSTEM32\MOBSYNC.EXE" 12-703
                        Win32.Aliser, File, "C:\Program Files\Windows Media Player\dlimport.exe", 12-766

                        Comment


                        • #72
                          IObit Security 360

                          OS:Windows XP
                          Version:0.3.1.20
                          Define Version:1128
                          Time:20/08/2009 13:31:53

                          |Name|Type|Description|ID|
                          Win32.Aliser, File, C:\Archivos de programa\Windows Media Player\dlimport.exe, 12-856

                          VirusTotal shows the following information about the file DLIMPORT.EXE
                          File dlimport.exe received on 2009.08.20 19:35:14 (UTC)
                          Current status: finished
                          Result: 1/41 (2.44%)

                          Antivirus Version Last Update Result
                          a-squared 4.5.0.24 2009.08.20 -
                          AhnLab-V3 5.0.0.2 2009.08.20 -
                          AntiVir 7.9.1.3 2009.08.20 -
                          Antiy-AVL 2.0.3.7 2009.08.20 -
                          Authentium 5.1.2.4 2009.08.20 -
                          Avast 4.8.1335.0 2009.08.20 -
                          AVG 8.5.0.406 2009.08.20 -
                          BitDefender 7.2 2009.08.20 -
                          CAT-QuickHeal 10.00 2009.08.20 -
                          ClamAV 0.94.1 2009.08.20 -
                          Comodo 2037 2009.08.20 -
                          DrWeb 5.0.0.12182 2009.08.20 -
                          eSafe 7.0.17.0 2009.08.20 -
                          eTrust-Vet 31.6.6691 2009.08.20 -
                          F-Prot 4.4.4.56 2009.08.20 -
                          F-Secure 8.0.14470.0 2009.08.20 -
                          Fortinet 3.120.0.0 2009.08.20 -
                          GData 19 2009.08.20 -
                          Ikarus T3.1.1.68.0 2009.08.20 -
                          Jiangmin 11.0.800 2009.08.20 -
                          K7AntiVirus 7.10.823 2009.08.20 -
                          Kaspersky 7.0.0.125 2009.08.20 -
                          McAfee 5715 2009.08.20 -
                          McAfee+Artemis 5715 2009.08.20 -
                          McAfee-GW-Edition 6.8.5 2009.08.20 Heuristic.LooksLike.Win32.Aliser.M
                          Microsoft 1.4903 2009.08.20 -
                          NOD32 4353 2009.08.20 -
                          Norman 6.01.09 2009.08.20 -
                          nProtect 2009.1.8.0 2009.08.20 -
                          Panda 10.0.0.14 2009.08.20 -
                          PCTools 4.4.2.0 2009.08.20 -
                          Prevx 3.0 2009.08.20 -
                          Rising 21.43.34.00 2009.08.20 -
                          Sophos 4.44.0 2009.08.20 -
                          Sunbelt 3.2.1858.2 2009.08.20 -
                          Symantec 1.4.4.12 2009.08.20 -
                          TheHacker 6.3.4.3.384 2009.08.20 -
                          TrendMicro 8.950.0.1094 2009.08.20 -
                          VBA32 3.12.10.9 2009.08.20 -
                          ViRobot 2009.8.20.1893 2009.08.20 -
                          VirusBuster 4.6.5.0 2009.08.19 -
                          It seems that only one antivirus and IOBit considers this a malware.

                          Regards,
                          Secmas

                          Comment


                          • #73
                            Possible False Positives.

                            I scanned this files with VirusTotal.com,Jotti's malware scan and NoVirusThanks.org and only one of the 40 scanners reported malware.

                            Comment


                            • #74
                              SOLVED in Definition version : 1128

                              The false positive below by IS 360 is solved with Definition Version : 1128


                              Win32.Aliser.8364, File, C:\Program Files\outlook Express\setup50.exe, 12-528


                              Cheers.
                              enoskype

                              - Beauty lies in the eye of the beholder and belongs to the man who can appreciate it. -

                              Comment


                              • #75
                                Trojan.Agent, File, C:\Users\*****\Desktop\pc-decrapifier-2.0.0.exe, 12-460
                                PC Decrapifier - http://www.pcdecrapifier.com

                                Result: 8/41 (19.51%) - VirusTotal Results

                                This is a false positive no matter what the VirusTotlal results say.
                                .
                                Malware Removal Assistance
                                Usage of IObit Products

                                Comment

                                Working...
                                X