Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Akamai Net Session Interface


  • Please log in to reply
1 reply to this topic

#1 goaliedan

goaliedan

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:04:24 PM

Posted 26 July 2014 - 02:14 PM

Recently, I installed a trial version of Emsisoft. In looking at the "Behavior Blocker" function, The Akamai application was flagged. After clicking "edit rules", I noticed boxes were checked that would ALLOW Trojan dropping, backdooring and various malware-related actions. Am I safe in assuming that with these boxes checked as "allowed" actions, my computer is at risk? The Akamai Net Session Interface was included as part of Autodesk software programs being installed. Evidently, it allows Autodesk products to communicate with my computer via their Server. I'll research Akamai and Emsisoft's definitions further, but I'm hoping someone can provide me with their insight. If necessary, I can provide log files and screenshots of what I found.

 

Thank you in advance.



BC AdBot (Login to Remove)

 


#2 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 61,309 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:02:24 AM

Posted 26 July 2014 - 03:13 PM

Hi goaliedan,

The rules you can create allow you to specify what type of behavior you want to monitor for a certain application. The akamai alert was most likely a false positive (I can only guess here, but if you have more information about the file I can verify this for you). If you create a rule to allow or block the akamai executable, you can opt to allow or block all types of behavior, or you can select only, say backdoor activity (just an example). This has no influence on what the behavior blocker will do with the rest of processes/applications it monitors.

 

You can safely create a rule to allow all behavior from this process though, this will not put your computer at risk. Doing this will not actually allow akamai to install a backdoor (to stick with that example), it will simply not monitor the process for activity that may or may not be backdoor related.

 

Its good to keep in mind that behavioral detection looks at what a file does, and does not take in consideration where the file comes from. So, it notices a behavioral pattern and alerts you. If you want to be sure you can upload the file that caused the alert to http://www.virustotal.com and post the link to the scan results here.


regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users