 |
 | Is this a false positive? |  |
|
mytomcat
|
|
https://r.virscan.org/language/en/report/bab5a0bf7a9d7b731f59d40056a50fd2
Scanner results:2%Antivirus software(1/49)found malware! Time: 2020-09-15 09:42:09 (CST) clamav Engine Ver:25928 Sig Ver:0.100.2 Scan file: 360Util.dll PUA.Win.Trojan.Generic-6629273-0 |
|||||||||||
|
|||||||||||||
 |
| |
|
mytomcat
|
|
360Util.dll file https://cowtransfer.com/s/8a39bdd1dcae43
|
|||||||||||
|
|||||||||||||
|
| |
|
GuitarBob
|
|
You should scan files on Virus Total to verify whether or not they contain a virus. They use more than 60 AVs to do a scan. If a couple of major AVs see an infection, it is probably true. Jotti is another good online scanning service, but they only have about 20 AVs to scan something. I wouldn't trust any other online scanners.
Regards, |
|||||||||||
|
|||||||||||||
|
| |
|
mytomcat
|
|
https://postimg.cc/Pp67qk8q
This is the result of a Jotti scan. |
|||||||||||
|
|||||||||||||
|
| |
|
GuitarBob
|
|
I can't read the graphic--it's too small. Anway, when I was working signatures at Clam AV and didn't want to execute a file that might contain malware, I relied upon these AVs to tell me of an infected file: Avira, Bitdefender, Eset, Kaspersky, and Sophos. If 2 of them saw an infection, I believed it. They all had their own scan engine and were widely used, including business. They are still like that.
Regards, |
|||||||||||
|
|||||||||||||
|
| |
|
mytomcat
|
|
360Util.dll Name: 360Util.dll Size: 598.07kB (612,424 bytes) Type: PE32 executable (DLL) (GUI) Intel 80386, for MS Windows First seen: September 25, 2020 at 3:23:40 AM GMT+2 MD5: 7fb27d1dad1fba8454610d9b21202010 SHA1: d3a2e11ed3b20c9696b56051c00a6863fe56ea5c Status: Scan finished. 1/15 scanners reported malware. Scan taken on: October 10, 2020 at 3:48:45 AM GMT+2 Avast! Antivirus Oct 10, 2020 Found nothing BitDefender Antivirus Oct 10, 2020 Found nothing ClamAV Oct 9, 2020 Win.Dropper.Gh0stRAT-9497880-0 Dr. Web Oct 10, 2020 Found nothing MicroWorld eScan Oct 10, 2020 Found nothing ESET Oct 9, 2020 Found nothing Fortinet Oct 9, 2020 Found nothing F-PROT Antivirus Oct 10, 2020 Found nothing F-Secure Anti-Virus Oct 9, 2020 Found nothing G DATA Oct 10, 2020 Found nothing Ikarus Oct 9, 2020 Found nothing K7 AV Oct 9, 2020 Found nothing Sophos Oct 10, 2020 Found nothing Trend Micro Antivirus Oct 8, 2020 Found nothing VBA32 Oct 9, 2020 Found nothing This is the latest scan. |
|||||||||||
|
|||||||||||||
|
| |
|
GuitarBob
|
|
When one or two AVs spot something as infected and the rest of the AVs do not find any infection, it is a pretty good bet that it is a false positive detection. Look especially at these AVs: Avira, Bitdefender, Eset Nod32, Kaspersky, and Sophos. If 2 of them see any infection, it is probably a real infection--otherwise there is no infection. Why these 5 AVs? They are big companies with lots of resources, they are used a lot by businesses, they do not use someone else's scan engine, and other AVs use their scan engines.
Always check files with Virus Total--we at ClamWin can not help you decide whether or not there is an infection. Regards, |
|||||||||||
|
|||||||||||||
|
 | Is this a false positive? | |
|
||
|
|
|
Powered by phpBB © phpBB Group
Design by phpBBStyles.com | Styles Database.
Content © ClamWin Free Antivirus GNU GPL Free Software Open Source Virus Scanner. Free Windows Antivirus. Stay Virus Free with Free Software.
Design by phpBBStyles.com | Styles Database.
Content © ClamWin Free Antivirus GNU GPL Free Software Open Source Virus Scanner. Free Windows Antivirus. Stay Virus Free with Free Software.