Virus reported in WMI Explorer

Support for all customers who have purchased a WMI Explorer product license. This forum does not offer a response time guarantee.
Forum rules
DO NOT POST SUBSCRIPTION NUMBERS, LICENSE KEYS OR ANY OTHER LICENSING INFORMATION IN THIS FORUM.
Only the original author and our tech personnel can reply to a topic that is created in this forum. If you find a topic that relates to an issue you are having, please create a new topic and reference the other in your post.

Any code longer than three lines should be added as code using the 'Select Code' dropdown menu or attached as a file.
User avatar
trwood
Posts: 14
Joined: Mon Jul 12, 2010 6:14 pm

Virus reported in WMI Explorer

Post by trwood » Sun Mar 18, 2018 8:29 pm

To help you better we need some information from you.

*** Please fill in the fields below. If you leave fields empty or specify 'latest' rather than the actual version your answer will be delayed as we will be forced to ask you for this information. ***

Product, version and build: WMI Explorer Version 2.2.76
64 bit version of product:
Operating system:
Windows 7 fully patched
64 bit OS:

*** Please add details and screenshots as needed below. ***
Microsoft Security Essentials is reporting multiple instances of a trojan following install.

MSE Version details
Antimalware Client Version: 4.10.209.0
Engine Version: 1.1.14600.4
Antivirus definition: 1.263.494.0
Antispyware definition: 1.263.494.0
Network Inspection System Engine Version: 2.1.14202.0
Network Inspection System Definition Version: 118.5.0.0
2018-03-19 14_09_08-Microsoft Security Essentials.png
2018-03-19 14_09_08-Microsoft Security Essentials.png (158.74 KiB) Viewed 1214 times

User avatar
Alexander Riedel
Posts: 6546
Joined: Tue May 29, 2007 4:43 pm

Re: Virus reported in WMI Explorer

Post by Alexander Riedel » Sun Mar 18, 2018 9:27 pm

The file indicated is a WMI cache file, which is generated on your computer and not shipped with the product.
I am quite certain it is a false positive, since the file is not really executable in any way.
It is a text file, you can open those files in any editor to check, they contain information about the WMI class with some partial HTML around it for display purposes.
Since this occurs on your machine, I would suggest to submit the file to Microsoft for verification:
https://www.microsoft.com/en-us/wdsi/filesubmission
just to be on the safe side.
Alexander Riedel
SAPIEN Technologies, Inc.

User avatar
Alexander Riedel
Posts: 6546
Joined: Tue May 29, 2007 4:43 pm

Re: Virus reported in WMI Explorer

Post by Alexander Riedel » Sun Mar 18, 2018 10:34 pm

no malware.png
no malware.png (28.89 KiB) Viewed 1193 times
Alexander Riedel
SAPIEN Technologies, Inc.

User avatar
trwood
Posts: 14
Joined: Mon Jul 12, 2010 6:14 pm

Re: Virus reported in WMI Explorer

Post by trwood » Mon Mar 19, 2018 2:44 pm

Thanks Alexander.
After sending the report, I looked a bit deeper and realised as you pointed out, the file is a local one.
I will submit to MS today.
Thanks for the prompt response.
Tom