False positives on process scan
Closed this issue · 5 comments
D-Eyes Detection Result :
[ Risk 1 ]
[pid]:29048 [status]:Detect the risk of Malware Mimikatz Rule 1 | [path]:C:\Program Files\Google\Chrome\Application\chrome.exe [status]:safe | [args]:safe | [network]: null
[ Risk 2 ]
[pid]:15604 [status]:Detect the risk of Malware Mimikatz Rule 1 | [path]:C:\Program Files\Google\Chrome\Application\chrome.exe [status]:safe | [args]:safe | [network]: null
We recommend that you upload this chrome.exe file to VirusTotal for further testing.
Signed file, valid signature
This is a false positive, thanks for your report.
Thank you team.
D-Eyes Detection Result :
[ Risk 1 ]
[pid]:29048 [status]:Detect the risk of Malware Mimikatz Rule 1 | [path]:C:\Program Files\Google\Chrome\Application\chrome.exe [status]:safe | [args]:safe | [network]: null
[ Risk 2 ]
[pid]:15604 [status]:Detect the risk of Malware Mimikatz Rule 1 | [path]:C:\Program Files\Google\Chrome\Application\chrome.exe [status]:safe | [args]:safe | [network]: null
The status described after [pid] represents the security status of the process in memory. The status described after [path] represents the security status of the executable file on the disk corresponding to the process. The results above show that there is an issue with the process in memory, which is unrelated to the Chrome binary program (according to the results above, it is displayed as safe). In the future, you can judge the detection results based on this logic.
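The reading rule from the last comment (the status after [pid] is the in-memory verdict, the status after [path] is the verdict on the file on disk), as an added example that is not part of the thread or of D-Eyes itself: a small parser that splits each result entry into its two verdicts and reports which one fired. The function names, and the assumption that any status other than `safe` counts as a detection, belong to this example only.

```python
import re

# Field layout taken from the result lines quoted in this thread.
FINDING_RE = re.compile(
    r"\[pid\]:(?P<pid>\d+)\s+\[status\]:(?P<memory>.*?)\s*\|\s*"
    r"\[path\]:(?P<path>.*?)\s+\[status\]:(?P<file>.*?)\s*\|\s*"
    r"\[args\]:(?P<args>.*?)\s*\|\s*\[network\]:\s*(?P<network>.*)$",
    re.MULTILINE,
)
RISK_HEADER_RE = re.compile(r"\[ Risk \d+ \]")


def parse_findings(report):
    """Return one dict per '[ Risk N ]' entry, one-per-line or run together."""
    findings = []
    for chunk in RISK_HEADER_RE.split(report):
        m = FINDING_RE.search(chunk)
        if m:
            f = {k: v.strip() for k, v in m.groupdict().items()}
            f["pid"] = int(f["pid"])
            findings.append(f)
    return findings


def scope(finding):
    """Say which verdict fired. Assumption: any value other than 'safe' is a hit."""
    mem_hit = finding["memory"].lower() != "safe"
    file_hit = finding["file"].lower() != "safe"
    if mem_hit and file_hit:
        return "memory+file"
    if mem_hit:
        return "memory-only"
    if file_hit:
        return "file-only"
    return "clean"


# Result text copied from this thread; the second entry is kept on one line
# with its header to show that both layouts parse the same way.
SAMPLE = r"""D-Eyes Detection Result :
[ Risk 1 ]
[pid]:29048 [status]:Detect the risk of Malware Mimikatz Rule 1 | [path]:C:\Program Files\Google\Chrome\Application\chrome.exe [status]:safe | [args]:safe | [network]: null
[ Risk 2 ] [pid]:15604 [status]:Detect the risk of Malware Mimikatz Rule 1 | [path]:C:\Program Files\Google\Chrome\Application\chrome.exe [status]:safe | [args]:safe | [network]: null
"""

if __name__ == "__main__":
    for f in parse_findings(SAMPLE):
        print(f["pid"], scope(f), "|", f["memory"], "|", f["path"])
```

Both entries from the report come out as `memory-only`: the rule matched in process memory while the file verdict for chrome.exe is `safe`.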