Jump to content


Photo

Two Detetions


  • Please log in to reply
4 replies to this topic

#1 qurious

qurious

    Newbie

  • Members
  • Pip
  • 3 posts

Posted 11 May 2014 - 05:12 AM

Hello

Immunet has quarantined 2 files:

1. clam.exploit.java.kaixin-1
2.spyware.hacktool.smz

I am trying to determine if these files are false positives or real threats.

Immunet says the original file path was C:\Windows\Temp\BF482F53-D448-408C-9637-9647BF604991-Sigs\0C22E2E3-6F20-47D0-8F06-AED3A0976B71mpavdlta.vdm.new.temp. However, the folder C:\Windows\Temp\BF482F53-D448-408C-9637-9647BF604991-Sigs is empty.

Could anyone please advise if they have any experience with these files?

Thanks
qurious

#2 Sveni

Sveni

    Member

  • Members
  • PipPip
  • 16 posts
  • LocationDresden, Germany

Posted 11 May 2014 - 07:02 AM

Hello

Immunet has quarantined 2 files:
1. clam.exploit.java.kaixin-1
2.spyware.hacktool.smz
[...]
Could anyone please advise if they have any experience with these files?


Try upload to https://www.virustotal.com/ or http://virusscan.jotti.org/de.
Win7 64bit latest, German Language
Immunet 3.1.8.9583
CPU i5-3570K, 4200 MHz
8GB RAM

#3 qurious

qurious

    Newbie

  • Members
  • Pip
  • 3 posts

Posted 11 May 2014 - 07:33 AM

Hello Sveni

Thanks for your reply. I have tried restoring the quarantined files from Immunet to upload to virustotal. Immunet created a temp file which virustotal cannot recognise. Is there someway for the file to be converted so that virustotal can recognise it?

My apologies if my questions are simple. I am not a tech-head and am new to this.

Thanks
qurious

#4 ritchie58

ritchie58

    Staff Member

  • Moderators
  • 1,794 posts
  • LocationOil City, Pa. U.S.A.

Posted 11 May 2014 - 09:07 PM

Hi quious, this temp file is associated with Microsoft Security Essentials or Defender. The temp file is used when MSE/Defender is updating and installing new defination signatures. Go ahead and restore these files from Quarantine since they are false positives. To avoid any further conflicts like this add MSE/Defender's complete Program Files folder to Immunet's Exclusion List. Also it's a good idea to add Immunet's Program Files folder into MSE/Defender's exclusion/exception list too. That way they will see each other as legit programs.

Cheers, Ritchie...

* Immunet Global Forum Moderator *


#5 qurious

qurious

    Newbie

  • Members
  • Pip
  • 3 posts

Posted 13 May 2014 - 07:09 AM

Hello Ritchie58

Wll do.
Thanks for your help.

Best Regards




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users