Jump to content
IObit Forum
Top Free Driver Updater Tools Best 25 PC Optimization Software Best 22 Antimalware Best 22 Uninstaller Software IObit Coupons & Discount Offers PC Optimizer

How to report False Positive to us?


Recommended Posts

  • Replies 354
  • Created
  • Last Reply

Top Posters In This Topic

False Positive -- Panda Security Uninstaller

 

Panda Security Uninstaller 2009

 

File UNINSTALLER_09.exe received on 2009.05.21 21:57:36 (UTC)

Current status: finished

Result: 1/40 (2.50%)

 

VirusTotal

 

Download Link: Here

 

 

IObit Security 360

 

OS:Windows 7

Version:0.3.0.22

Define Version:1108

Time:07/08/2009 10:29:26 PM

 

|Name|Type|Description|ID|

Trojan.Drop, File, C:\Users\Stanley\Desktop\Removal\Panda Security UNINSTALLER_09.exe, 12-1563

Link to comment
Share on other sites

Re:

 

The addition of picture. The same False positive of installer VitRegistryFix.

 

Results from Virustotal .

 

Unistaller Vit Registry Fix -

 

Report:

IObit Security 360

 

OS:Windows XP

Verze:0.3.0.22

Verze definice:1107

Time:8.8.2009 0:50:28

 

|Název|Typ|Popis|ID|

Trojan.Obfuscated, File, C:\Documents and Settings\Franta\Local Settings\temp\~nsu.tmp\Au_.exe, 12-1952

Link to comment
Share on other sites

Hello, they are appearing me these false positives:

IObit Security 360

 

OS: Windows XP

Version: 0.3.0.22

Defines Version: 1108

Time: 2009-08-08 11:09: 34

 

|Name|Type|Description|YOU GO|

Trojan.Delphi, Cases out, C:\WINDOWS\system32\wmpshell.dll, 12-1590

 

I do not have much information on this bookstore, but little that I have been able to find in the network they inform this to me: Link.

And virustotal does not report anything rare. Result from total virus.

Repair this soon please.

Kindly,

Jose Antonio.

Link to comment
Share on other sites

IObit Security 360

 

Betriebssystem:Windows XP

Version:0.3.0.22

Definitionsversion:1109

Zeit:08.08.2009 23:48:50

 

|Name|Typ|Beschreibung|ID|

Trojan.Delphi, File, C:\Programme\Outlook Express\oeimport.dll, 12-1600

 

 

This seems for me clean? I don't think this is a trojan due it's needed for Outlook Express E-mail Import and Export and it can't be deleted anyway, caus' Windows File Recover is recovering it everytime again. OE has some vulnerabilities but nevertheless it isn't malware.

 

http://www.virustotal.com/de/analisis/b60ffe2e363a00a68b0ad995365b408cb4e6ccf19e7a3700435fe308cdb45bf8-1249768681

Link to comment
Share on other sites

IObit Security 360

 

Betriebssystem:Windows Vista

Version:0.3.0.22

Definitionsversion:1109

Zeit:8/8/2009 5:06:30 PM

 

|Name|Typ|Beschreibung|ID|

Trojan.Drop, File, D:\_Disk A\_Misc\DeadLink v3.3.exe, 12-1573

Trojan.Drop, File, D:\_Disk A\Media\Audio-Tools\Audio Record Wizard v5.0.5.exe, 12-1573

--

 

 

DeadLink v3.3.exe is a WinRAR SFX archive i created - the extracted files itself are not being detected

VirusTotal 0/41

 

For comparison, the original setup executable is not being detected: VirusTotal 0/41

 

Audio Record Wizard v5.0.5.exe - regular setup executable

VirusTotal 0/39

Link to comment
Share on other sites

IObit Security 360

 

OS:Windows Vista

Version:0.3.1.20

Define Version:1112

Time:8/10/2009 3:00:17 PM

 

|Name|Type|Description|ID|

1-Trojan.Agent, File, C:\Program Files\TVersity Codec Pack\uninst.exe, 12-1287

 

2-:\Program Files\TVersity\Media Server\TVersityCodecPackSetup_1_2.exe, 12-1287

 

tversity is not a trojan.

 

thanks.

Link to comment
Share on other sites

False Positive ????

 

Hello,

 

IObit Security 360 reported this:

 

IObit Security 360

 

OS:Windows XP

Version:0.3.0.22

Define Version:1108

Time:10/08/2009 14:39:35

 

|Name|Type|Description|ID|

Trojan.Delphi, File, C:\WINDOWS\system32\wmpshell.dll, 12-1590

Link to comment
Share on other sites

A bunch of false positives

 

In fact, out of the entire list of hits I got on the scan, there are only three that I cannot confirm as false positives, and those I can't confirm only because they're in system backups, so have identifiers that are undecipherable to normal human beings.

 

To say that I am unimpressed would be an understatement.

 

IObit Security 360

 

OS:Windows XP

Version:0.3.1.20

Define Version:1112

Time:8/10/2009 7:05:47 PM

 

|Name|Type|Description|ID|

 

Adware.Sality, File, C:\Program Files\AOItemAssistant\sqlite3.dll, 9-43690

Adware.Agent, File, C:\Program Files\Bitcollider\bitcoll.dll, 9-50352

Trojan.Obfuscated, File, C:\Program Files\WUU\UpdateWUU.exe, 12-1309

Trojan.Obfuscated, File, C:\Program Files\WUU\UpdateWUUbeta.exe, 12-1309

Trojan.Gen2, File, C:\Program Files\Black Isle\BGII - SoA\UInst.exe, 12-8

Trojan.Killav, File, C:\Program Files\Google\POP and IMAP Troubleshooter\uninstall.exe, 12-1299

Trojan.Killav, File, C:\Documents and Settings\All Users\Documents\Shared Downloads\Thunderbird\PopImapTroubleshooterInstaller.exe, 12-1299

Trojan.Obfuscated, File, E:\Program Files\WUU\UpdateWUU.exe, 12-1309

Trojan.Obfuscated, File, E:\Program Files\WUU\UpdateWUUbeta.exe, 12-1309

Trojan.Agent, File, E:\Program Files\SoundSpectrum\G-Force\Uninstall.exe, 12-1287

Trojan.Agent, File, E:\Program Files\SoundSpectrum\SoftSkies\Uninstall.exe, 12-1287

Trojan.Agent, File, E:\Program Files\SoundSpectrum\WhiteCap\Uninstall.exe, 12-1287

Trojan.Agent, File, E:\Documents and Settings\WoW\My Documents\My Downloads\Windows Media Player\G-Force_385.exe, 12-1287

Trojan.Agent, File, E:\Documents and Settings\WoW\My Documents\My Downloads\Windows Media Player\WhiteCap_515.exe, 12-1287

Link to comment
Share on other sites

IObit Security 360

 

OS:Windows XP

Version:0.3.1.20

Define Version:1114

Time:8/11/2009 10:18:34 AM

 

|Name|Type|Description|ID|

Unwanted.SpywareVanisher, File, C:\WINDOWS\iun6002.exe, 4-32105

 

Note: I don't have this program installed on my system. In fact, the only program I installed on this system at the time shown by Windows for installation/modification was Security 360!

Link to comment
Share on other sites

IObit Security 360 Beta 3.1 Updated today

OS Windows 7 Build 7100

 

Detection: Dropper.Zlob, File E:\USBstick\waol\0.4334.34.7\comps\unagi\ampx.english.exe (I don't know why the forum software inserts a space into english, it isn't in the filename or the Reply box)

 

Note: Still checking scan results (results not yet saved). File is part of AOL installer (I don't use AOL but have some clients that do :(). Virustotal scan = clean.

 

EDIT, 2nd FP.

Detection: TrojanIESecurityPro File: cmdow.exe

 

Note: See CMDOW Commandline Window Utility Basically, cmdow.exe can be used to hide a command window when you create a custom (unattended) program install. Virustotal scan 22/41

Link to comment
Share on other sites

Before reporting a false positive, please save a scan report first and post it here. This will help us know the detailed information about the scan result.

 

hello sir i have recently installed IObit security 360 beta 3.1

all the time full scan shows following report

IObit Security 360

 

OS:Windows Vista

Version:0.3.1.20

Define Version:1115

Time:11-08-2009 23:27:27

 

|Name|Type|Description|ID|

Trojan.Agent - Quarantined, File, C:\Windows\system32\CONSOLE32.dll, 4-4460,

 

when i tried to delete this from quarentine it shows deleted but file persists

& it shows this file is in use by several other important programs.

i have nortan 360 antivirus .

plz solve the matter & mail me

thanks in advance

Link to comment
Share on other sites

report false positive

 

Before reporting a false positive, please save a scan report first and post it here. This will help us know the detailed information about the scan result.

 

hello sir i have recently installed IObit security 360 beta 3.1

all the time full scan shows following report

IObit Security 360

 

OS:Windows Vista

Version:0.3.1.20

Define Version:1115

Time:11-08-2009 23:27:27

 

|Name|Type|Description|ID|

Trojan.Agent - Quarantined, File, C:\Windows\system32\CONSOLE32.dll, 4-4460,

when i tried to delete this from quarentine it shows deleted but file persists

& it shows this file is in use by several other important programs.

i have nortan 360 antivirus .

plz solve the matter & mail me

thanks in advance

Link to comment
Share on other sites

FPs?

Hijack.ControlPanelStyle, Registry Value, HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer Value=ForceClassicControlPanel, 4-22723

Hijack.Help, Registry Data, HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer Value=NoSMHelp, 6-86

Hijack.StartMenu, Registry Data, HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced Value=Start_ShowHelp, 6-677

Link to comment
Share on other sites

False positives

 

All given clean bill of health by Virus Total (except tracking cookie)

 

IObit Security 360

 

OS:Windows XP

Version:0.3.1.20

Define Version:1118

Time:15/08/2009 17:20:27

 

|Name|Type|Description|ID|

Tracking Cookies, Cookies, Cookie:open@atdmt.com/, 7-1545

Keylogger.BrowserPal, File, D:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\GAGC5XON\confpg_promobullet[1].gif, 9-74249

Win32.Virus.SpyBouncer, File, D:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\IUJGDCC1\purpbox_04[1].gif, 9-90560

Worm.BrowserPal, File, D:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\O30CV7DA\btn2_orng_cnrbot_r_conf[1].gif, 9-72145

Rogue.Sality, File, D:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\T8EU0FXH\purpbox_02[1].gif, 9-96024

Trojan.Winlogon, File, D:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\UOGUVOKI\conf_toolbarpic_v2[1].jpg, 9-66258

Worm.PCSpy, File, D:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\UOGUVOKI\purpbox_05[1].gif, 9-70597

Win32.Virus.TargetAd, File, D:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\YOJ59X0P\purpbox_12[1].gif, 9-7846

Link to comment
Share on other sites

is this a virus/worm?

 

i have run iobit 360 numerous times now and everytime it piks up this............IObit Security 360

 

OS:Windows XP

Version:0.3.1.20

Define Version:1119

Time:8/15/2009 21:43:09

 

|Name|Type|Description|ID|

Trojan.Ezula, File, C:\System Volume Information\_restore{81FE96A8-1949-4304-9A31-882752BBE8E0}\RP71\A0085860.dll, 9-91414

 

 

why cant i get rid of it? please help

Link to comment
Share on other sites

Disable/Enable the System Restore Utility to flush old infected restore points

 

1) Right click the My Computer icon on the Desktop and click on Properties.

2) Click on the System Restore tab.

3) Put a check mark next to Turn off System Restore on All Drives

4) Click the OK button.

5) You will be prompted to restart the computer. Click the Yes button.

 

Now re-enable System Restore

 

To re-enable the System Restore Utility, follow steps one to five and on step three remove the check mark next to 'Turn off System Restore on All Drives'.

 

1) Right click the My Computer icon on the Desktop and click on Properties.

2) Click on the System Restore tab.

3) Remove the check mark next to Turn off System Restore on All Drives

4) Click the OK button.

Link to comment
Share on other sites

An old Borland runtime library

 

IObit Security 360

 

Betriebssystem:Windows 2000

Version:0.3.1.20

Define Version:1119

Zeit:16.08.2009 18:48:13

 

|Name|Typ|Beschreibung|ID|

Trojan.Suspicious.Zlob, File, C:\Programme\X-Setup\bin\rtl60.bpl, 9-95036

 

 

This is part of the latest version (6.3) of Xteq X-Setup which came for free.

Available at http://www.tucows.com/preview/219636.

 

I've got a german version of Win2k. To avoid misunderstandings I'll write the following info from file propertieswithout any attempt to translate it:

 

Dateiversion: 6.0.6.240

Beschreibung: Borland Component Package

Copyright: Copyright © 1997-2002 Borland Software Corporation

 

Firmenname Borland Software Corporation

Interner Name VCL60

Originaldateiname: VCL60.BPL

Produktname: Borland Package Library

Produktversion: 6.0

Sprache: Englisch (USA)

 

Virustotal gives 0/41 hits.

Link to comment
Share on other sites

Still getting this false positive. Given that "Spyware Vanisher" has never been installed on my system, AND given that the only program installed on my system, on the date given by Windows for when this was installed, was Security 360, I am absolutely certain this is an error.

 

IObit Security 360

 

OS:Windows XP

Version:0.3.1.20

Define Version:1119

Time:8/16/2009 4:25:34 PM

 

|Name|Type|Description|ID|

Unwanted.SpywareVanisher, File, C:\WINDOWS\iun6002.exe, 4-33609

Link to comment
Share on other sites

Possible False Positive.

 

I scanned this file with VirusTotal.com,Jotti's malware scan and NoVirusThanks.org and none of the 40 scanners reported any malware.

 

 

Win32.Aliser.8364, File, C:\Program Files\outlook Express\setup50.exe, 12-528

Link to comment
Share on other sites

fALS pOSITIVE FOR THESE TWO FILES

 

I PUT THESE TWO FILETO AVIRA ANLANISE

but two of thme not inculd any virus or trojan

Trojan.Banker.Bancos.eil"C:\WIDNOWS\SYSTEM32\MOBSYNC.EXE" 12-703

Win32.Aliser, File, "C:\Program Files\Windows Media Player\dlimport.exe", 12-766

Link to comment
Share on other sites

IObit Security 360

 

OS:Windows XP

Version:0.3.1.20

Define Version:1128

Time:20/08/2009 13:31:53

 

|Name|Type|Description|ID|

Win32.Aliser, File, C:\Archivos de programa\Windows Media Player\dlimport.exe, 12-856

 

VirusTotal shows the following information about the file DLIMPORT.EXE

File dlimport.exe received on 2009.08.20 19:35:14 (UTC)

Current status: finished

Result: 1/41 (2.44%)

 

Antivirus Version Last Update Result

a-squared 4.5.0.24 2009.08.20 -

AhnLab-V3 5.0.0.2 2009.08.20 -

AntiVir 7.9.1.3 2009.08.20 -

Antiy-AVL 2.0.3.7 2009.08.20 -

Authentium 5.1.2.4 2009.08.20 -

Avast 4.8.1335.0 2009.08.20 -

AVG 8.5.0.406 2009.08.20 -

BitDefender 7.2 2009.08.20 -

CAT-QuickHeal 10.00 2009.08.20 -

ClamAV 0.94.1 2009.08.20 -

Comodo 2037 2009.08.20 -

DrWeb 5.0.0.12182 2009.08.20 -

eSafe 7.0.17.0 2009.08.20 -

eTrust-Vet 31.6.6691 2009.08.20 -

F-Prot 4.4.4.56 2009.08.20 -

F-Secure 8.0.14470.0 2009.08.20 -

Fortinet 3.120.0.0 2009.08.20 -

GData 19 2009.08.20 -

Ikarus T3.1.1.68.0 2009.08.20 -

Jiangmin 11.0.800 2009.08.20 -

K7AntiVirus 7.10.823 2009.08.20 -

Kaspersky 7.0.0.125 2009.08.20 -

McAfee 5715 2009.08.20 -

McAfee+Artemis 5715 2009.08.20 -

McAfee-GW-Edition 6.8.5 2009.08.20 Heuristic.LooksLike.Win32.Aliser.M

Microsoft 1.4903 2009.08.20 -

NOD32 4353 2009.08.20 -

Norman 6.01.09 2009.08.20 -

nProtect 2009.1.8.0 2009.08.20 -

Panda 10.0.0.14 2009.08.20 -

PCTools 4.4.2.0 2009.08.20 -

Prevx 3.0 2009.08.20 -

Rising 21.43.34.00 2009.08.20 -

Sophos 4.44.0 2009.08.20 -

Sunbelt 3.2.1858.2 2009.08.20 -

Symantec 1.4.4.12 2009.08.20 -

TheHacker 6.3.4.3.384 2009.08.20 -

TrendMicro 8.950.0.1094 2009.08.20 -

VBA32 3.12.10.9 2009.08.20 -

ViRobot 2009.8.20.1893 2009.08.20 -

VirusBuster 4.6.5.0 2009.08.19 -

It seems that only one antivirus and IOBit considers this a malware.

 

Regards,

Secmas

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share


×
×
  • Create New...