Jump to content
claudiot

Windows defender "detects" an Immunet file?

Recommended Posts

Today I found messages from Windows Defender, one every hour since midnight, stating that it found "TrojanDownloader:JS/Nemucod" in

C:\Program Files\Immunet\clamav\0.100.0.60\clamav-127ae86972fae58f8f7b35fa9bc7c513.tmp\clamav-b1fab55088b03613ebc238d1c93d696e.tmp\daily.ldb

... it is a false positive, isn't it?

 

Thanks

 

 

Edited by claudiot

Share this post


Link to post
Share on other sites

probably the same file that comes with ClamAV, but you can run a SHA256 against it and upload it to virus total to verify

We don't package viruses with our software, I promise :)

Share this post


Link to post
Share on other sites

Hi claudiot, please click on this link to a thread I just posted to a similar Support topic that will show you how to avoid these false positives by creating a custom exception rule with Win 10 Defender.                                                                                        
http://support.immunet.com/topic/3706-trojandownloader-jsnemucod/

  • Like 1

Share this post


Link to post
Share on other sites

Hi,

yes, of course you don't package viruses with your software, and I added an exclusion for the whole clamav directory. I can't (I'm not able to) send a sample to Virustotal, since it seems to be a temporary directory built when downloading updates, so when I check the directory seems to be already gone. And, I don't like to exclude directories in general, since it would be cute for a malware to install itself in an excluded directory... which is why I asked. Also, this is a very old issue, antimalware detecting other antimalware's files as malware, so I supposed this to be tested as routine before releasing updates. If it is a false positive, other people would have the same issue. JohnJ had  exactly the same issue, so now I'm fine :) .

Thanks

Edited by claudiot

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×