Jump to content

Recommended Posts

Are the following SAS detections false positives?

 

Trojan.Agent/Gen-StartPage
c:\USERS\XXXX\APPDATA\LOCALOW\FCSB...\UNINST.EXE
 
Trojan.Agent/Gen-Genome
C:\PROGRAM FILES (X86)\IDRIVEWINDO...\IDWIDLESTAT.EXE
 
Please advise.  
 
Thank you,
Inkfrog

Share this post


Link to post
Share on other sites

The uninst.exe file in the locallow folder should be fine to delete as these are roaming and temp files.

 

the idrivewindow file looks like an online backup program so you should wait to see from a member of the SAS team as to whether or not it is an FP or something serious.

 

Keep updating your version of SAS and run a scan on that folders path to see if it still gets detected.

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.

×