Sign in to follow this  
emihaela85

possible false positive

Recommended Posts

Hi emihaela85,

Please submit to EMSI developers from the detection list

Files were submitted from here

Files are flagged here in C:\WINDOWS\system32\wbem\ c:\windows\system32\dllcache\ folders

Located in these folders those are System MS files

At the same time files under the same name that could be residing in other folders, e.g. just in \system32\ could be a malware (reported in the past according to some research)

My regards

p.s. next time please provide more detailed information about your System Environment as in Forum Posting Rules #2)

Share this post


Link to post
Share on other sites

After updating the definitions on 4/14

c:\windows\system32\dllcache\unsecapp.exe

C:\WINDOWS\system32\wbem\unsecapp.exe

both classified as trojan.win32.genome.hfcz!A2

Windows xp pro service 3

with Avira Personal, comodo firewall, prevx free, and threatfire

scanned with malwarebytes, superantispyware, and hitman pro with there on-demand scanners, came up clean

submitted files to virustotal.com only a-squared classified it as a trojan

also submitted the files from the detection list using the false positive option from a-squared free

Share this post


Link to post
Share on other sites
...also submitted the files from the detection list using the false positive option from a-squared free

Hi AviraHelp, welcome to the forum

Thanks for submitting - that was right things to do

I'm sure we'll have a fix soon with the nearest update

My regards

Share this post


Link to post
Share on other sites

Anything i can do to help improve one of my favorite on-demand scanners, i will do :)

1st, thanks a lot AviraHelp

Then I sent the files just 2 hours ago by e-mail in addition

and this FP is fixed now. Please update

My regards

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Sign in to follow this  

  • Recently Browsing   0 members

    No registered users viewing this page.