qbert55ca 0 Report post Posted August 15, 2010 I'm Not sure if this is a false positive or an actual virus. ESET does not tag it and neither does Malwarebytes but 3 days in a row Immunet has tagged it along with another file. All the hits start with Bit, then a short alpanumeric string, the dot tmp ex. bit5a.tmp, bit21w.tmp The second is a alphanumeric string devided into 2 or 3 sections. ex. {4FCAE697-0587-4DC7-BE86-6012862ABDC8} Some advice in this would be appreciated. Quote Share this post Link to post Share on other sites
markusg 2 Report post Posted August 15, 2010 to give you an answer we need an virus total result. or upload the files please. Quote Share this post Link to post Share on other sites
Guest orlando Report post Posted August 15, 2010 I need some information: 1-These files where they came from? 2-How big? Then do this: 1-Go on http://www.virustotal.com/ and sends the file, then post the results here. 2-Send the file to support_from_orlando@hotmail.it or orlandopivi@hotmail.it 3-Post file here indicted (if not too large). If you like, but not recommended (as perhaps useless) please scan with HijackThis and post the results here. Waiting for answers Regards, Orlando Quote Share this post Link to post Share on other sites
qbert55ca 0 Report post Posted August 15, 2010 How do I copy the files in quarintine and send them to you. Robert to give you an answer we need an virus total result. or upload the files please. Quote Share this post Link to post Share on other sites
Guest orlando Report post Posted August 15, 2010 How do I copy the files in quarintine and send them to you. Robert Zip the file and delete the offending files out of folders. Then send us the zip file. Orlando Quote Share this post Link to post Share on other sites
markusg 2 Report post Posted August 15, 2010 if you are not able to upoad the file, send us the virustotal result, immunet can download the file from vt directly. Quote Share this post Link to post Share on other sites
qbert55ca 0 Report post Posted August 15, 2010 I cannot send a Zip file because a single quanatined fil is 2028K. All of these are coming from C:\Documents and Settings\Robert\Local Settings\Application Data\Temp. The results from Virustotal shows only 1 found it to be a virus. Panda 10.0.2.7 2010.08.15 W32/Xor-encoded.A if you are not able to upoad the file, send us the virustotal result, immunet can download the file from vt directly. Quote Share this post Link to post Share on other sites
Guest orlando Report post Posted August 16, 2010 I cannot send a Zip file because a single quanatined fil is 2028K. All of these are coming from C:\Documents and Settings\Robert\Local Settings\Application Data\Temp. The results from Virustotal shows only 1 found it to be a virus. Panda 10.0.2.7 2010.08.15 W32/Xor-encoded.A It may be a false positive, but I can not say more because I have enough information. My advice is to delete all files in the temp folder. Are temporary files and therefore do not need, delete any other file folder. Empty C: \ Documents and Settings \ Robert \ Local Settings \ Application Data \ Temp \ *.* Regards, Orlando Quote Share this post Link to post Share on other sites
markusg 2 Report post Posted August 16, 2010 can you send us the virus total analyse link? immunet can use the md5 checksumm and download from virus total. Quote Share this post Link to post Share on other sites
Guest orlando Report post Posted August 16, 2010 can you send us the virus total analyse link? immunet can use the md5 checksumm and download from virus total. I saw the results and the file is clean. Orlando Quote Share this post Link to post Share on other sites
Guest Robert Report post Posted August 16, 2010 So if the file is clean why is IMMUNET continuing to quanatine these files Robert I saw the results and the file is clean. Orlando Quote Share this post Link to post Share on other sites
Guest orlando Report post Posted August 17, 2010 So if the file is clean why is IMMUNET continuing to quanatine these files Robert Hi Robert, Becouse it's a false positive. Should send the file via email to support@immunet.com and say it is a false positive, so they will correct the problem. Regards, Orlando Quote Share this post Link to post Share on other sites
sweidre 34 Report post Posted August 17, 2010 I'm Not sure if this is a false positive or an actual virus. ESET does not tag it and neither does Malwarebytes but 3 days in a row Immunet has tagged it along with another file. All the hits start with Bit, then a short alpanumeric string, the dot tmp ex. bit5a.tmp, bit21w.tmp The second is a alphanumeric string devided into 2 or 3 sections. ex. {4FCAE697-0587-4DC7-BE86-6012862ABDC8} Some advice in this would be appreciated. Hi Qbert, Have you used Google to search for your files using (")- signs around them? The list of search results might give you a clue! Cheers, sweidre Quote Share this post Link to post Share on other sites
alfred 21 Report post Posted August 24, 2010 I'm Not sure if this is a false positive or an actual virus. ESET does not tag it and neither does Malwarebytes but 3 days in a row Immunet has tagged it along with another file. All the hits start with Bit, then a short alpanumeric string, the dot tmp ex. bit5a.tmp, bit21w.tmp The second is a alphanumeric string devided into 2 or 3 sections. ex. {4FCAE697-0587-4DC7-BE86-6012862ABDC8} Some advice in this would be appreciated. If you can send me a support snapshot I probably figure out why this is happening. I am guessing we are FP'ing on dat files from another security product you have installed. You can learn how to send the support snapshot here: http://support.immunet.com/tiki-read_article.php?articleId=10 Please send it to alfred@immunet.com al Quote Share this post Link to post Share on other sites