Jump to content
ILuvPansies

Trojan.Agent/Gen-Nullo [Short] a false positive?

Recommended Posts

Hello, I just downloaded SAS and immediately ran a complete scan (and checked the box to have info sent) The results are listed:

Generated 12/18/2009 at 06:30 PM

Application Version : 4.32.1000

Core Rules Database Version : 4391

Trace Rules Database Version: 2228

Scan type : Complete Scan

Total Scan Time : 00:24:21

Memory items scanned : 564

Memory threats detected : 0

Registry items scanned : 7123

Registry threats detected : 0

File items scanned : 23724

File threats detected : 3

Trojan.Agent/Gen-Nullo[short]

C:\WINDOWS\SYSTEM32\ELBLQDAV.DLL

C:\WINDOWS\SYSTEM32\MPFCYPKT.DLL

C:\WINDOWS\SYSTEM32\PMTHFPQH.DLL

I tried to find out information on the SAS forum website and did a google search on Trojan.Agent/Gen-Nullo and the three dll files individually. I couldn't find any info on either site. What are these dll files? I quarantined them to be safe (and because I can restore them later if necessary). Are these 3 dll files really part of a trojan. I just couldn't understand why I couldn't find absolutely no information on them if they were. Is this a false positive? Thanks in advance for your help ; )

Share this post


Link to post
Share on other sites

Those look like fake dropper files or files left over from a previous scan that were not removed, and are caught by our scanner. They are not false positives.

Share this post


Link to post
Share on other sites

Thanks for your quick response...I am sure you are right that they are leftover files from a previously scan ......When someone used my computer a while back..... I got infected big time.....will go ahead and delete them......Thanks for all your help.....Have been impressed with SAS performance......Happy Holidays!

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.

×
×
  • Create New...