Israeli
Posts: 9
-
Israeli gave kudos to Marcos in FALSE ALERTS of System Informer
Since everything has been said, we'll draw this topic to a close.
-
Israeli received kudos from 5Z4 in FALSE ALERTS of System Informer
Btw... Also this week an updated HWiNFO kicked the Task Manager parts; since then, for example, CPU usage displays correctly again. 😎
But also true, enough about this problem here. Enjoy my friend!
-
Israeli gave kudos to 5Z4 in FALSE ALERTS of System Informer
...along with their other cr*p. Just look at the "progress" of the ability to set default apps in Windows.
Dude, I think we should stop, before we get banned on our first day on the forum.😁
-
Israeli received kudos from 5Z4 in FALSE ALERTS of System Informer
... and MS of course wants its own AV and Task Manager to become like the bible.
-
Israeli gave kudos to 5Z4 in FALSE ALERTS of System Informer
Yeah, those "may be used", "possibly checks" etc. in assessment obviously give a realistic end result of "100% malicious". I mean, a fork also "may be used" to attack, instead of, for example, lifting food, but let's not ban its use just yet, right?
-
Israeli received kudos from 5Z4 in FALSE ALERTS of System Informer
Some people still believe Earth is flat if you just mark & write it often enough... 😄
-
Israeli gave kudos to 5Z4 in FALSE ALERTS of System Informer
I think it's called CrowdStrike Falcon. Worth checking out its false positive statistics, e.g. in AV-Comparatives' tests.
-
Israeli gave kudos to SeriousHoax in FALSE ALERTS of System Informer
Looks like it got 100% only because of detection from other vendors. Everything else is Suspicious Indicators only. So the score would have been much lower without these AV detections.
I'm also a fan of System Informer. It has some nice features not present in others. I would just use Process Explorer if MS had made it equivalent to it. Both have some unique features, so I use both.
-
Israeli received kudos from 5Z4 in FALSE ALERTS of System Informer
And because of that ESET is still the best and avoids false alerts & weird theories by default. 😎
Thanks a lot again!!
-
Israeli gave kudos to 5Z4 in FALSE ALERTS of System Informer
This.
I too am in favor of completely unblocking the app, but also have a proposal, if I may, in case the app has to be flagged suspicious/dangerous: how about categorizing it as "potentially unsafe", for which, if I'm not mistaken, both the detection and reporting are by default disabled, at least in NOD32?
-
Israeli gave kudos to Marcos in FALSE ALERTS of System Informer
Process Hacker is indeed detected as a potentially unsafe application. System Informer cannot be misused in attacks, at least we have no information about a vulnerability that would allow it.
-
Israeli gave kudos to Marcos in FALSE ALERTS of System Informer
Unlike Process Hacker, the System Informer driver was fixed to prevent exploitation. Also, it's signed by Microsoft to allow loading on the latest OS:
Process Hacker:
System Informer:
-
Israeli gave kudos to Marcos in FALSE ALERTS of System Informer
As far as I know, we have no evidence that System Informer was misused in attacks, e.g. to kill antivirus before malware was run by the attacker.
-
Israeli gave kudos to Marcos in FALSE ALERTS of System Informer
We'll unblock the app; however, there are still many other AVs that detect it:
https://www.virustotal.com/gui/file/8ee9d84de50803545937a63c686822388a3338497cddb660d5d69cf68b68f287