qurious

Two Detections


Hello

Immunet has quarantined 2 files:

1. clam.exploit.java.kaixin-1

2. spyware.hacktool.smz

I am trying to determine if these files are false positives or real threats.

Immunet says the original file path was C:\Windows\Temp\BF482F53-D448-408C-9637-9647BF604991-Sigs\0C22E2E3-6F20-47D0-8F06-AED3A0976B71mpavdlta.vdm.new.temp. However, the folder C:\Windows\Temp\BF482F53-D448-408C-9637-9647BF604991-Sigs is empty.

Could anyone please advise if they have any experience with these files?

Thanks

qurious


Hello Sveni

Thanks for your reply. I have tried restoring the quarantined files from Immunet to upload to VirusTotal. Immunet created a temp file which VirusTotal cannot recognise. Is there some way for the file to be converted so that VirusTotal can recognise it?

My apologies if my questions are simple. I am not a tech-head and am new to this.

Thanks

qurious


Hi qurious, this temp file is associated with Microsoft Security Essentials or Defender. The temp file is used when MSE/Defender is updating and installing new definition signatures. Go ahead and restore these files from Quarantine since they are false positives. To avoid any further conflicts like this, add MSE/Defender's complete Program Files folder to Immunet's Exclusion List. Also, it's a good idea to add Immunet's Program Files folder to MSE/Defender's exclusion/exception list too. That way they will see each other as legit programs.

Cheers, Ritchie...

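The Defender side of the advice above, as an added PowerShell example that is not part of the original thread: it checks that the quarantined path has the shape of a Defender/MSE definition-update temp file, then adds Immunet's folder to Defender's exclusion list and prints the result. The Immunet install folder, the function name `Test-DefenderSigStagingPath` and the extra definition file names (`mpavbase`, `mpasbase`, `mpasdlta`) are assumptions; the Immunet-side exclusion is not covered here. Run it from an elevated session.

```powershell
# Added example. Path reported by Immunet in the thread:
$QuarantinedPath = 'C:\Windows\Temp\BF482F53-D448-408C-9637-9647BF604991-Sigs\' +
                   '0C22E2E3-6F20-47D0-8F06-AED3A0976B71mpavdlta.vdm.new.temp'
# Assumption: Immunet's install folder (not stated in the thread).
$ImmunetDir = Join-Path $env:ProgramFiles 'Immunet'

function Test-DefenderSigStagingPath {
    # True when the path looks like
    #   <drive>:\Windows\Temp\<GUID>-Sigs\<GUID>mp{av,as}{base,dlta}.vdm[.new][.temp]
    # This is a match on the name only: it says where the file came from,
    # not what is inside it.
    param([Parameter(Mandatory)][string]$Path)
    $guid    = '[0-9A-Fa-f]{8}(-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}'
    $pattern = '^[A-Za-z]:\\Windows\\Temp\\' + $guid + '-Sigs\\' + $guid +
               'mp(av|as)(base|dlta)\.vdm(\.new)?(\.temp)?$'
    return ($Path -match $pattern)
}

if (-not (Test-DefenderSigStagingPath -Path $QuarantinedPath)) {
    Write-Warning 'Not a Defender/MSE definition-update temp path; no exclusion added.'
    return
}

# The Defender cmdlets are missing on systems that only have MSE;
# there the exclusion has to be set in the MSE settings window.
if (-not (Get-Command Add-MpPreference -ErrorAction SilentlyContinue)) {
    Write-Warning 'Defender PowerShell cmdlets not found; set the exclusion in the GUI.'
    return
}

if (-not (Test-Path -LiteralPath $ImmunetDir)) {
    Write-Warning "Immunet folder not found at $ImmunetDir; correct the path first."
    return
}

# Add the folder only if it is not already excluded, then show the list.
$existing = @((Get-MpPreference).ExclusionPath)
if ($existing -notcontains $ImmunetDir) {
    Add-MpPreference -ExclusionPath $ImmunetDir
}
(Get-MpPreference).ExclusionPath
```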
