Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 2 replies
  • Subscribers 1 subscriber
  • Views 1723 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Xampp false positive?

gitrah

Hello,


I have installed Xampp1.7.3 but Sophos gives "Suspicious file warning HIPS/ProcInj-001" on 2 files;

Xampp_cli.exe,
Xamp-contrile.exe.


I have searched the forum with xampp key words but can't find any one els with this problem and i downloaded the installer from the official site(www.apachefriends.org).


Is this a known issue or does anyone els have the same problem, what should i do?

Thanks,

Gitrah

:5365


This thread was automatically locked due to age.
Parents
  • 0

    Hello Gitrah,

    as the analysis of  HIPS/ProcInj-001 says this could indicate a malware infection and Please note that the behavior of some legitimate product installers can sometimes resemble that of malware. Also if you follow the link to the article deciding whether to allow or block a file you'll find the following paragraph:

    What next?

    • If, after reading this guide, you decide that the item is legitimate, authorize it. if an application is identified which you believe is fairly widely used, and you feel that the level of detection is too sensitive, please submit the file to SophosLabs and ask to have the application reviewed.
    • If you decide that the item is suspicious and you are reluctant to authorize it, send it to SophosLabs for analysis.

    I hope this answers your question

    Christian

    :5369
Reply
  • 0

    Hello Gitrah,

    as the analysis of  HIPS/ProcInj-001 says this could indicate a malware infection and Please note that the behavior of some legitimate product installers can sometimes resemble that of malware. Also if you follow the link to the article deciding whether to allow or block a file you'll find the following paragraph:

    What next?

    • If, after reading this guide, you decide that the item is legitimate, authorize it. if an application is identified which you believe is fairly widely used, and you feel that the level of detection is too sensitive, please submit the file to SophosLabs and ask to have the application reviewed.
    • If you decide that the item is suspicious and you are reluctant to authorize it, send it to SophosLabs for analysis.

    I hope this answers your question

    Christian

    :5369
Children
No Data
Unfiltered HTML