Xeaaq

EEK Detects malware in its own temp files.

Recommended Posts

I was doing a full scan after a normal scan and at about 75% it detected malware in C:\Users\(username)\AppData\Local\Temp\EEK\(Some random numbers and letters).zip -> (other random numbers and letters).dat

It says it's Gen:Variant.Ursu.198004 (B). I think it said that that specific type isn't known and provided a list to check if the category explains what kinda malware it is. I can't check right now though since I can't access the internet with my PC right now.

I put a file of the same type in the quarantine when I did the first scan since I wasn't sure if it was a false positive or an actual detection, so it might be detecting something in the quarantine.

I use Windows 10 x64 and I did this scan in safe mode. The reason I did the scan in safe mode is because I wanted to make sure there isn't anything wrong with my PC before using it and I'm kind of overprotective if that's the right word to use.

I'm using the latest version of EEK.

EEK didn't detect anything other than the program I put in quarantine so I don't think the temp files are infected by a virus. The program I put in quarantine was a joke spambot I made myself so I don't think it's a virus or anything like that, unless it's infected by a virus and I think thats really unlikely.

Edit: I'm going to add that right now I just want to know if I can delete or quarantine this file so I can turn off my PC and go to bed. I can give more details tomorrow if this is a bug or something so it can be fixed. 

Share this post


Link to post
Share on other sites

I would believe those TEMP files are created by BitDefender's scan engine when it is scanning inside archives (or when quarantined files are being rescanned). I don't think they give any specific way to whitelist the files so that they won't be detected, however I will ask our malware analysts for more info.

  • Upvote 1

Share this post


Link to post
Share on other sites
7 hours ago, GT500 said:

I would believe those TEMP files are created by BitDefender's scan engine when it is scanning inside archives (or when quarantined files are being rescanned). I don't think they give any specific way to whitelist the files so that they won't be detected, however I will ask our malware analysts for more info.

Okay thank you.

Is it ok to just delete those EEK Temp files after the scan or what should I do with them?

Share this post


Link to post
Share on other sites

After the scan they are not needed anymore. Feel free to delete them, or to clear your TEMP files if you want to.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.