Jump to content

Recommended Posts

Posted

Hello,

Today  on our computers Eset  detected Win64/GenKryptik.GNVE in a  file/application  which was already used for some weeks (ovpnconnecter.exe - part of Open VPN)

Is it a false positive ?

Here the hash 48937C35DA724A6806A180AF241910E4889A0FB5

 

  • Administrators
Posted

Please provide logs collected with ESET Log Collector. This detection was removed in 2023.

Posted

How can I send you the log in a secure way ?

  • Administrators
Posted

Attachments uploaded here are accessible only by the ESET staff.  I would say they don't contain any confidential data anyways. Alternatively you can upload the archive to OneDriver, Google Drive, Dropbox, etc. and drop me a private message with a download link.

  • Administrators
Posted

Where did you see the detection? The Detections log is empty and there are no on-demand scan logs either.

Posted

I see in the cloud console 

image.thumb.png.f61dd7620583e31536fab53245bed7a2.png

and on the local machine

 

image.thumb.png.26961b5b2a83cb9e91d75d8b85e69527.png

Posted

You can have a look on the virustotal.com

 

image.thumb.png.1117035820c4026b35de8289845ce48e.png

  • Administrators
Posted

The logs seem to be same as before, also the time is same.

collector_log.txt
[13:37:47.335] WARNING: Not running under administrator account.

Nevertheless, I see the file in quarantine which should be enough for analysis. Will keep you posted.

  • Administrators
  • Solution
Posted

It was a false positive, the detection was removed an hour ago and a new update is being built as we speak.

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...