robinb9 Posted June 22, 2009 i just checked 3 client machines and found superantispyware - torjan.agent/genmsfalse 2 are xp media center and are totally different and both machines are in two different locations and have absolutely nothing to do with each other 1 is a vista home premium (mine) this seems to have happened after the last update 6/20/09 I just scanned my vista on thursday and it was clean. Machine was off all weekend and did an update this morning so i figured let me test it and do a full scan. sure enough the trojan is on it with the same exact files I am still doing the vista scan but i will put the log in when done. The others are sitting in quarantine 1st machine log- xp media center sp3: SUPERAntiSpyware Scan Log https://www.superantispyware.com Generated 06/20/2009 at 04:14 PM Application Version : 4.26.1004 Core Rules Database Version : 3949 Trace Rules Database Version: 1891 Scan type : Quick Scan Total Scan Time : 00:14:51 Memory items scanned : 594 Memory threats detected : 0 Registry items scanned : 555 Registry threats detected : 0 File items scanned : 10599 File threats detected : 1 Trojan.Agent/Gen-MSFake C:\I386\MSVCRT.DLL 2nd machine: xp media center sp3: SUPERAntiSpyware Scan Log https://www.superantispyware.com Generated 06/22/2009 at 11:56 AM Application Version : 4.26.1004 Core Rules Database Version : 3949 Trace Rules Database Version: 1891 Scan type : Complete Scan Total Scan Time : 00:57:25 Memory items scanned : 512 Memory threats detected : 0 Registry items scanned : 6204 Registry threats detected : 0 File items scanned : 23745 File threats detected : 2 Trojan.Agent/Gen-MSFake C:\I386\MSVCRT.DLL C:\WINDOWS\$NTSERVICEPACKUNINSTALL$\MSVCRT.DLL Share this post Link to post Share on other sites
robinb9 Posted June 22, 2009 here is the vista home premium's scans too seems they all have the exact same file in question SUPERAntiSpyware Scan Log https://www.superantispyware.com Generated 06/22/2009 at 12:59 PM Application Version : 4.26.1004 Core Rules Database Version : 3949 Trace Rules Database Version: 1891 Scan type : Complete Scan Total Scan Time : 01:22:41 Memory items scanned : 891 Memory threats detected : 0 Registry items scanned : 7790 Registry threats detected : 0 File items scanned : 41379 File threats detected : 3 Adware.Tracking Cookie C:\Users\Robinb\AppData\Roaming\Microsoft\Windows\Cookies\robinb@atdmt[2].txt Trojan.Agent/Gen-MSFake C:\$INPLACE.~TR\MACHINE\DATA\WINDOWS\SYSTEM32\MSVCRT.DLL C:\I386\MSVCRT.DLL anyone else seeing this? robin Share this post Link to post Share on other sites
prairie dog Posted June 22, 2009 There's a thread started in the false positive area about this viewtopic.php?f=4&t=3106 Share this post Link to post Share on other sites
robinb9 Posted June 22, 2009 wonderful, i am remotely on the 4 computers that had it, just updated them and am running new scans. I will let you know either way when they finish robin Share this post Link to post Share on other sites
robinb9 Posted June 22, 2009 no more trojan pickup on all machines after new definitions and full scan thanks so much robin Share this post Link to post Share on other sites