₳Ⱡ₥Ø₲

Results 35 comments of ₳Ⱡ₥Ø₲

```
(venv) ubuntu@ubuntuPC:~/Dev/volatility3$ vol -f ~/dumps/amsi-patch.raw windows.avpatch
Volatility 3 Framework 2.26.2
Progress: 100.00 PDB scanning finished
PID Process DLL Function Hook Address Hook Info Hook Hexdump Disasm
6740 powershell_ise amsi.dll...
```

I tried running it on a fresh Windows 10 machine now and the false positives are very high; however, they can quickly be examined and succumb to less with few statistics...

Any update on this? I would like to keep working on that if it's relevant. I would like help regarding my questions:x

@ikelos well it is a malware plugin, and linux.svcscan isn't...

@atcuno ahh I meant windows.svcscan mb😳