Author Topic: False Positive?  (Read 51032 times)


Offline Syazwani Saparman

  • Newbie
  • *
  • Posts: 3
  • Kudos +0/-0
Re: False Positive?
« Reply #1 on: May 07, 2019, 02:57:34 PM »
Hi ronald739

Thank you for cross checking the files with VirusTotal. Can you send us the sample file so that we can further assist you to set False Positive to the Universal AV.

Many thanks
Syazwani

Offline ronald739

  • Newbie
  • *
  • Posts: 21
  • Kudos +0/-0
Re: False Positive?
« Reply #2 on: May 08, 2019, 09:14:53 AM »
Hi Syazwani,

I have sent the files to secureaplus@secureage.com The request number is : (3223).

Regards,
ronald739

Offline Lech

  • Newbie
  • *
  • Posts: 3
  • Kudos +0/-0
Re: False Positive?
« Reply #3 on: May 13, 2019, 02:23:40 AM »
Hello,
I also think that I get some false positive for 12 Windows files.

SecureAPlus (freemium) marks those files bellow in the given destinations as containing viruses on the base of APEX or Microsoft Security Essentials.
Strange is, that MSE that I installed to check it doesn’t report any of them during scan itself.
Non of them has also a virus record on Virus Total.
Also on-line scanners like Eset, F-secure and mks_vir reported nothing.
Malware Hunter and Hitman Pro also don’t give any results.

As SecureAPlus reports those viruses or trojans it is not possible to delete the file (Code 05, access denied). It is possible to run real time scan and after it there are three given results – scan incomplete, or no viruses (!), or virus claim again.

I may send the files, but how to do it, to not to cause any problems?
Regards,
Lech

AUDIOKSE
C:\Windows\winsxs\amd64_microsoft-windows-audio-audiocore_31bf3856ad364e35_6.1.7601.23471_none_d50b549f14907e7a

TsUsbGDCoInstaller
C:\Windows\winsxs\amd64_microsoft-windows-r..s-regkeys-component_31bf3856ad364e35_7.1.7601.16398_none_6f0f5c629bb8c1b0

dnsapi
C:\Windows\winsxs\wow64_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7600.16385_none_482c18d6d06b2c0d

dnsapi
C:\Windows\winsxs\wow64_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7600.16772_none_4833ef7cd065b8b3

dnsapi
C:\Windows\winsxs\wow64_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7600.20914_none_49006e49e950e0ac

dnsapi
C:\Windows\winsxs\wow64_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7601.17514_none_4a5d2c9ecd59afa7

dnsapi
C:\Windows\winsxs\wow64_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7601.17570_none_4a184beecd8df1f1

dnsapi
C:\Windows\winsxs\wow64_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7601.21673_none_4aa4e997e6a8ddc0

rpcrt4
C:\Windows\winsxs\wow64_microsoft-windows-rpc-local_31bf3856ad364e35_6.1.7601.24168_none_1ccc8f59a9578796

msv1_0
C:\Windows\winsxs\wow64_microsoft-windows-security-ntlm_31bf3856ad364e35_6.1.7601.24150_none_e587aab1c6cd14a6

sqlunirl
C:\Windows\winsxs\x86_microsoft-windows-m..nents-mdac-sqlunirl_31bf3856ad364e35_6.1.7600.16385_none_3bed0e7fdd8193ca

TSpkg
C:\Windows\winsxs\x86_microsoft-windows-security-credssp_31bf3856ad364e35_6.1.7601.24308_none_c657bf3018e45c7f

msv1_0
C:\Windows\winsxs\wow64_microsoft-windows-security-ntlm_31bf3856ad364e35_6.1.7601.24150_none_e587aab1c6cd14a6

rpcrt4
C:\Windows\winsxs\wow64_microsoft-windows-rpc-local_31bf3856ad364e35_6.1.7601.24168_none_1ccc8f59a9578796

Offline Syazwani Saparman

  • Newbie
  • *
  • Posts: 3
  • Kudos +0/-0
Re: False Positive?
« Reply #4 on: May 13, 2019, 09:00:58 AM »
Hi Lech!

Thanks for sending this in. We'll have our team check on this. In the future, if you wish to submit false positives you can do so at the following page:

https://www.secureaplus.com/features/antivirus/report-false-positive/

We appreciate your help and we hope you continue to enjoy using SecureAPlus.

Best Regards
Syazwani

Offline Lech

  • Newbie
  • *
  • Posts: 3
  • Kudos +0/-0
Re: False Positive?
« Reply #5 on: May 14, 2019, 07:36:53 AM »
Hi Syazwani,
thank you for the link - I will send those files the next day, not tomorrow but the next day alongside with the above description.

I enjoy SecureAPlus - after a year of using it this is the first time something strange was reported.
Calm year, with no problems or troubles.

Regards,
Lech


Offline Lech

  • Newbie
  • *
  • Posts: 3
  • Kudos +0/-0
Re: False Positive?
« Reply #6 on: May 18, 2019, 06:33:07 AM »
Hi Syazwani,
I just submitted my infected files as you suggested.
Regards,
Lech

Offline ronald739

  • Newbie
  • *
  • Posts: 21
  • Kudos +0/-0
Re: False Positive?
« Reply #7 on: May 23, 2019, 11:12:53 PM »
The FP's I reported are still being flagged as threats. Also, there are two more after a Windows Update to 1903.


Offline Syazwani Saparman

  • Newbie
  • *
  • Posts: 3
  • Kudos +0/-0
Re: False Positive?
« Reply #8 on: May 24, 2019, 12:42:03 PM »
Hi ronald739

This is strange. Can I trouble you to send me your SecureAPlus ID via secureaplus@secureage.com (reason being, we don't want other people to know your ID here), while I check with the team as to why the files are still flagged as threats on your machine.

Also, can you send the other two files that were flagged as threats after a Windows Update to 1903?

Yours sincerely,
Syazwani
SecureAPlus Team