Thursday, August 1, 2013

Network Malware Scanner - False Positive

I ran into an issue scanning for malware with EMCO Network Malware Scanner. It is a great tool for a quick scan, but I did run into a false positive with it. I turned it into them.

I run ESET Nod on our systems and the scanner was showing infections. After inspecting the findings it was hitting on a registry key for Nod. This is just a heads up if anyone else see's this warning.

1 DOMAINNAME
127.0.0.1
NMC.WORM.WIN32.NUQEL.FEQ
WORM
3 [REGKEY_HKLM_EXISTS] : \SYSTEM\CurrentControlSet\Services\ekrn  

-Gary

No comments:

Post a Comment

Comments are Welcome.