Jump to content

Two Detetions

qurious

By qurious,
in Malware Detections

Recommended Posts

qurious Newbie

qurious

Posted
Posted

Hello

 

Immunet has quarantined 2 files:

 

1. clam.exploit.java.kaixin-1

2.spyware.hacktool.smz

 

I am trying to determine if these files are false positives or real threats.

 

Immunet says the original file path was C:\Windows\Temp\BF482F53-D448-408C-9637-9647BF604991-Sigs\0C22E2E3-6F20-47D0-8F06-AED3A0976B71mpavdlta.vdm.new.temp. However, the folder C:\Windows\Temp\BF482F53-D448-408C-9637-9647BF604991-Sigs is empty.

 

Could anyone please advise if they have any experience with these files?

 

Thanks

qurious

Link to comment
Share on other sites
qurious Newbie

qurious

Posted
  • Author
Posted

Hello Sveni

 

Thanks for your reply. I have tried restoring the quarantined files from Immunet to upload to virustotal. Immunet created a temp file which virustotal cannot recognise. Is there someway for the file to be converted so that virustotal can recognise it?

 

My apologies if my questions are simple. I am not a tech-head and am new to this.

 

Thanks

qurious

Link to comment
Share on other sites
ritchie58 Community Regular

ritchie58

Posted
Posted

Hi quious, this temp file is associated with Microsoft Security Essentials or Defender. The temp file is used when MSE/Defender is updating and installing new defination signatures. Go ahead and restore these files from Quarantine since they are false positives. To avoid any further conflicts like this add MSE/Defender's complete Program Files folder to Immunet's Exclusion List. Also it's a good idea to add Immunet's Program Files folder into MSE/Defender's exclusion/exception list too. That way they will see each other as legit programs.

 

Cheers, Ritchie...

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

Go to topic listing
×
×
  • Create New...