AcheyBreakyHeart3 Posted January 26, 2012 Report Share Posted January 26, 2012 Whilst installing GPG4win from here: http://gpg4win.org/download.html The file update-mime-database.exe was detected as W32.Unpacked and quarantined. I've attempted to attach but not allowed. Can anyone confirm if this is a false positive? I believe it is but if someone at Immunet can confirm for sure that would be great. Thanks Link to comment Share on other sites More sharing options...
ritchie58 Posted January 26, 2012 Report Share Posted January 26, 2012 Hi Achey, might I suggest you submit the installer package for a malware scan at virustotal. If the installer is deemed safe what you could try is restoring the file from Quarantine. That will automatically place the file in Immunet's Exclusion List. Also temporarily disable Monitor Program Install and Blocking Mode in the Settings and the installer should work then. Don't forget to turn those settings back on afterwards. Best of luck, ritchie58... Link to comment Share on other sites More sharing options...
AcheyBreakyHeart3 Posted January 26, 2012 Author Report Share Posted January 26, 2012 Hi, thanks for your reply. I've unquarantined the file, that's fine. Do Sourcefire ever check this and add false positive data to their definitions? Link to comment Share on other sites More sharing options...
ritchie58 Posted January 26, 2012 Report Share Posted January 26, 2012 Yes they do. If a suspicious or unrecognized file is encountered and flagged as possibily malicious and then later to be found safe that file is "whitelisted" so other users don't encounter the same situation in the future. I've heard of that GPG4 before. That's an email client that uses encryption algorithms for security is it not? Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.