intelmain.exe blocked by Deepguard

baroque-quest
baroque-quest Posts: 74 Enthusiast

About a week ago, AV started worrying about intelmain.exe.  Deepguard complained that this file was dangerous or something like that.  However, that file is supplied by Intel and is used to start its Desktop Utilities.  F-Secure can find it at intel.com.  I chatted with customer support and was told to send it to F-Secure in the download procedure used with files from porn sites and other nonsense.  No, I will not do that because F-Secure should not be blocking known good files used by millions of people around the world.

 

I have a three-user license for AV.  The file is still a problem on two systems, with AV sometimes (it's not even consistent) asking if I trust the file.  On one system, F-Secure would not let Desktop Utilities start at all, forcing me to re-install; I am not pleased.  I still have not re-installed F-Secure on that system.  Anyone want to explain why intelmain.exe is a problem?  This reminds me of some of the abuse Avira has perpetrated on its customer base in the last year.  I am seriously considering a change to G-Data.

 

P.S. I also have three systems loaded with Norton and MBAM.  They do not have a problem with intelmain.exe.

Comments

  • Hi baroque-quest,

    I could think of 2 possibilities at this point. It's either the file was infected or false positive detection. I would recommend you to send us the sample of the "intelmain.exe" from the computer in question for further analysis.

    Open the F-Secure Sample Analysis System.
    - Please Signup for an account then log on at Sample Analysis System.
    - Login to the Sample Analysis System and follow the steps below.
    - Choose Submit a new Sample
    - Choose False positive for Sample type.
    - Follow the on screen instructions to complete.

    You may include this post in description as well. You will receive a case ticket titled [FS-TXXXXXX] from our Security Respond Lab after you submitted the program sample on F-Secure Sample Analysis System. Our Security Response Lab will work on it and get back to you directly.

    Thanks.


    Best Regards,
    Jayson

  • baroque-quest
    baroque-quest Posts: 74 Enthusiast

    I agree, the two possibilities are

     - the file is infected, or

     - Deepguard is having a false positive problem.

     

    However, if the file is infected, why wouldn't Norton or Malwarebytes flag the file, especially given that these three systems are dual-boots with one boot running F-Secure and the other running Norton / Malwarebytes?  I have run scans of the entire disk using all three applications.

     

    Deepguard is the problem.

     

    I submitted the file to F-Secure.

  • Rusli
    Rusli Posts: 1,019 Influencer

    Well it's a good thing that you bring the matter up early.

     

    Not to worry. Hope F-Secure fix the issues right away.

     

  • baroque-quest
    baroque-quest Posts: 74 Enthusiast

    "Well it's a good thing that you bring the matter up early."

     

    I'm not sure if that was sarcasm or not.  I'll assume not.  When I posted the first post in this thread, I was ticked because I had to uninstall and then reinstall both F-Secure and Desktop Utilities, something I should never have to do.  It is my experience that AVs never uninstall cleanly, often resulting in multiple copies of it or zombie-parts still running.  I have uninstalled AVG IS and found that their firewall was still running, causing problems with the next AV; I ended up reinstalling the OS in that case.  Norton used to be a pain to uninstall because one needed to separately remove the AV and LiveUpdate and then clean-up the registry and other locations.

     

    I do not become upset if an AV has a false positive with some unusual application, especially one downloaded from an obscure site.  But intelmain.exe has been around for years, as long as Intel's Desktop Utilities has been around, I'll wager.  False positives on major files like that should not happen, especially gven that there are millions of Intel motherboards around the world.

This discussion has been closed.
Pricing & Product Info