Jump to content
Sign in to follow this  
Followers 0
terralenaire

Trojan.Agent/Gen-SplitDropper

By terralenaire, in General Questions

Recommended Posts

terralenaire   

terralenaire
Posted

Hi ive been using SAS for months now

This is the 1st time i experienced something like this .... logs posted:

been getting the same trojan agent after rescanning / quarantining 3 times now ...

is it a false positive or am i doing something wrong on removing it

THx

______________________________________________________________________

SUPERAntiSpyware Scan Log

https://www.superantispyware.com

Generated 02/04/2010 at 11:48 AM

Application Version : 4.33.1000

Core Rules Database Version : 4554

Trace Rules Database Version: 2366

Scan type : Quick Scan

Total Scan Time : 00:16:04

Memory items scanned : 537

Memory threats detected : 1

Registry items scanned : 520

Registry threats detected : 0

File items scanned : 7009

File threats detected : 4

Trojan.Agent/Gen-SplitDropper

C:\WINDOWS\SYSTEM32\844B3A\NEVA9853.EXE

C:\WINDOWS\SYSTEM32\844B3A\NEVA9853.EXE

C:\WINDOWS\SYSTEM32\844B3A\A-BT85.EXE

C:\WINDOWS\Prefetch\NEVA9853.EXE-07C7E868.pf

Adware.Tracking Cookie

C:\Documents and Settings\Station 1\Cookies\station_1@atdmt[2].txt

Share this post

Link to post
Share on other sites

siliconman01   

siliconman01
Posted

These do not appear to be False Positives and are malicious files as detected by SAS. Are you checking the boxes by each of the infected files at the point where the scan has completed and the infected files are identified and SAS is waiting your permission to quarantine them? If so, the files should be showing up in your SAS Quarantine folder once they are removed.

If they keep coming back, then you should file a CSR and let the SAS gurus help you.

https://www.superantispyware.com/precreateticket.html

Share this post

Link to post
Share on other sites

terralenaire   

terralenaire
Posted

Yes I see the quarantined files everytime I do a scan....

Just checked it now ... its the same 4 files ...

Am I doing something wrong ?... should i set systemrestore off , safe mode , scan and quarantine, then turn on system restore again ..... ?

its what a friend recommended ...

Share this post

Link to post
Share on other sites

siliconman01   

siliconman01
Posted
Am I doing something wrong ?... should i set systemrestore off , safe mode , scan and quarantine, then turn on system restore again ..... ?

its what a friend recommended ...

The above is worth a try, yes. Also download/install the free version of Malwarebytes from the link below. Update the definitions for it and then scan with it. Quarantine what it finds.

http://www.malwarebytes.org/

Share this post

Link to post
Share on other sites

SUPERAntiSpy   

SUPERAntiSpy
Posted

Yes I see the quarantined files everytime I do a scan....

Just checked it now ... its the same 4 files ...

Am I doing something wrong ?... should i set systemrestore off , safe mode , scan and quarantine, then turn on system restore again ..... ?

its what a friend recommended ...

Submit a support request here so we can run a diagnostic:

https://www.superantispyware.com/csrcreateticket.html

Share this post

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  
Followers 0
Go To Topic Listing General Questions
×