Hello
Immunet has quarantined 2 files:
1. clam.exploit.java.kaixin-1
2.spyware.hacktool.smz
I am trying to determine if these files are false positives or real threats.
Immunet says the original file path was C:\Windows\Temp\BF482F53-D448-408C-9637-9647BF604991-Sigs\0C22E2E3-6F20-47D0-8F06-AED3A0976B71mpavdlta.vdm.new.temp. However, the folder C:\Windows\Temp\BF482F53-D448-408C-9637-9647BF604991-Sigs is empty.
Could anyone please advise if they have any experience with these files?
Thanks
qurious

Two Detetions
Started by
qurious
, May 11 2014 05:12 AM
4 replies to this topic
#1
Posted 11 May 2014 - 05:12 AM
#2
Posted 11 May 2014 - 07:02 AM
Hello
Immunet has quarantined 2 files:
1. clam.exploit.java.kaixin-1
2.spyware.hacktool.smz
[...]
Could anyone please advise if they have any experience with these files?
Try upload to https://www.virustotal.com/ or http://virusscan.jotti.org/de.
Win7 64bit latest, German Language
Immunet 3.1.8.9583
CPU i5-3570K, 4200 MHz
8GB RAM
Immunet 3.1.8.9583
CPU i5-3570K, 4200 MHz
8GB RAM
#3
Posted 11 May 2014 - 07:33 AM
Hello Sveni
Thanks for your reply. I have tried restoring the quarantined files from Immunet to upload to virustotal. Immunet created a temp file which virustotal cannot recognise. Is there someway for the file to be converted so that virustotal can recognise it?
My apologies if my questions are simple. I am not a tech-head and am new to this.
Thanks
qurious
Thanks for your reply. I have tried restoring the quarantined files from Immunet to upload to virustotal. Immunet created a temp file which virustotal cannot recognise. Is there someway for the file to be converted so that virustotal can recognise it?
My apologies if my questions are simple. I am not a tech-head and am new to this.
Thanks
qurious
#4
Posted 11 May 2014 - 09:07 PM
Hi quious, this temp file is associated with Microsoft Security Essentials or Defender. The temp file is used when MSE/Defender is updating and installing new defination signatures. Go ahead and restore these files from Quarantine since they are false positives. To avoid any further conflicts like this add MSE/Defender's complete Program Files folder to Immunet's Exclusion List. Also it's a good idea to add Immunet's Program Files folder into MSE/Defender's exclusion/exception list too. That way they will see each other as legit programs.
Cheers, Ritchie...
Cheers, Ritchie...
* Immunet Global Forum Moderator *
#5
Posted 13 May 2014 - 07:09 AM
Hello Ritchie58
Wll do.
Thanks for your help.
Best Regards
Wll do.
Thanks for your help.
Best Regards
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users