Jump to content

Recommended Posts

Posted

I got the same detection for VHO:Trojan-Spy.MSIL.Convagent.gen but for firefoxhelper.exe. Kaspersky Premium couldn´t fix it.

The location is C:\Recovery\Customizations\usmt.ppkg//ICB\0\MachineSpecific\File\C$\Preload\APP\FIREFOX\callback\FirefoxHelper.exe but I didn´t found a recovery in including folder.

I couldn´t find any suspicious processes and no active process for firefoxhelper.exe when Iooked into the task manager.

Now I´m not sure if it is real trojan or a false positive.

Windows 10 Home 10.0.19045 Build.

Posted

Welcome to Kaspersky Community.

 

Pause temporally K. protection, restore that file from quarantine, log in https://opentip.kaspersky.com/ with Your My Kaspersky credentials, upload the file, when get the verdict, click on Submit to reanalyze, type Your email address and below also add the URL of this thread, resume K. protection, wait for the final verdict from K. analyst.

Posted (edited)

Sorry but there is no file in the quarantine, the report in Kaspersky shows 2 times that it detected this trojan cause of machine learning and 1 time that the deinfection of the file isn´t possible. So I am currently struggeling how I should find the file.

As said I can´t the file aswell in the named folder as there´s no such folder.

Edited by Mag2023
Posted

Can You post a screen capture of the full detection?

Posted

Ok, I see the detection is in this folder:

 

image.thumb.png.4b5a8cc5441e8ba649eb7908c98cc5cf.png

 

It is Probably a hidden folder in Your system, I would say this is some kind of preinstalled software in Your system ? it is a lap or a desktop? Did You buy that system with that preinstalled Windows system? If so, probably it is a false positive, or maybe not... MSI system?

  • Like 1
Posted (edited)

It is a laptop, yes I bought the laptop with the preinstalled Windows 10 system. It is about 5 years old and I didn´t get this message from Kaspersky over all these years. In march there was a Update of Windows.

But I can´t really remember if I had to install Firefox, but I would assume.

 

Edited by Mag2023
  • Like 1
Posted

Actually I already did that and there is no such folder. When I click in Kapsersky on open the containing folder, I get to that folder where the recovery is supposed to be but there is no folder even no hidden one.

I don´t see a recovery folder even if my Disk manager shows me 1, in CMD while tipping reagentc/info I see that it is enabled. But Windows keeps telling me that it is not able to perform a Recovery.

Posted

Hum... without that file, We can't report it to Kaspersky analysts...

Posted

Any ideas how I can get that file or how I can find this folder?

Igor Kurzin
Posted

Hi @Mag2023, this is a false detection, it was fixed on the 12th of April. Please update databases. We apologize for the inconveniences caused. 

  • Like 2

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now


×
×
  • Create New...