Jump to content
VJ Cow

False positive or a real virus??

By VJ Cow, in False Positives

Recommended Posts

VJ Cow   

VJ Cow
Posted

Hi guys,I am new around this forum :-D ... I was scanning my computer last 1 hour and SAS detected Trojan.Agent/Gen-Decay in these files:

- C:\PROGRAM FILES\ADOBE\READER 10.0\READER\READER_SL.EXE

- C:\WINDOWS\INSTALLER\$PATCHCACHE$\MANAGED\68AB67CA7DA73301B744AA0100000010\10.1.0\READER_SL.EXE

- C:\Windows\Prefetch\READER_SL.EXE-E503013B.pf

My antivirus couldn,t detected it,even with full scan.. is it a false positive?? Thanks for helping.. ^_^

Share this post

Link to post
Share on other sites

coyote   

coyote
Posted

Ditto. On both of my (XP Pro) machines. I submitted it as a (suspected) false positive.

Not that I want Reader's Speed Launcher functionality, which I've always disabled the Startup of (which makes me wonder what it's doing in Prefetch).

Share this post

Link to post
Share on other sites

ProTruckDriver   

ProTruckDriver
Posted

Yesterday I had 1 FP that is not fixed yet. Today I have 2 more. What's UP ? :-(

ALL reported with Built-in False Positive Reporter.

SUPERAntiSpyware Scan Log

https://www.superantispyware.com

Generated 06/16/2012 at 01:27 PM

Application Version : 5.0.1150

Core Rules Database Version : 8750

Trace Rules Database Version: 6562

Scan type : Complete Scan

Total Scan Time : 00:31:00

Operating System Information

Windows XP Professional 32-bit, Service Pack 3 (Build 5.01.2600)

Administrator

Memory items scanned : 414

Memory threats detected : 0

Registry items scanned : 35087

Registry threats detected : 0

File items scanned : 38106

File threats detected : 3

Trojan.Agent/Gen-Decay

C:\PROGRAM FILES\ADOBE\READER 10.0\READER\READER_SL.EXE

C:\WINDOWS\INSTALLER\$PATCHCACHE$\MANAGED\68AB67CA7DA73301B744AA0100000010\10.1.0\READER_SL.EXE

Trojan.Agent/Gen-Chifrax

C:\WINDOWS\$NTSERVICEPACKUNINSTALL$\WEXTRACT.EXE

Share this post

Link to post
Share on other sites

VJ Cow   

VJ Cow
Posted

By the way, I had deleted those files that was detected by SAS.. Should I reinstall my Adobe Reader??

Share this post

Link to post
Share on other sites

coyote   

coyote
Posted

By the way, I had deleted those files that was detected by SAS.. Should I reinstall my Adobe Reader??

Maybe (you want to uninstall/reinstall Reader). Might depend whether you like Reader's Speed Launcher functionality (which I've always disabled the Startup of, so I'm tempted to manually delete those files). Depending, and if Reader functions without those files, you might leave it as-is.

Basically, Adobe Reader Speed Launcher starts with Windows, so that when you want to open a pdf it happens quicker. Personally I don't want my system to take on that overhead until I want to open a pdf.

"Adobe Reader Speed Launcher...automatically starts upon log-in or start-up of your Windows PC. It runs only once at start-up or log-in and quickly opens and closes all the files Adobe Reader will use when it starts. This is done so the files are already pre-included in your system's memory when you choose to use the Adobe Reader application."

Share this post

Link to post
Share on other sites

rwilles   

rwilles
Posted

Don't know if it is false. Computer was hung this morning. Had to pull the power to restart. Sas was the only scan to find anything (avast and malwarebytes). Quarantined files and rebooted. Comp will sleep now.

Share this post

Link to post
Share on other sites

coyote   

coyote
Posted

Don't know if it is false. Computer was hung this morning. Had to pull the power to restart. Sas was the only scan to find anything (avast and malwarebytes). Quarantined files and rebooted. Comp will sleep now.

A lot of things can hang an operating system. As long as yours is idle, you might want to boot to a CD to run RAM diagnostics, and to run hard drive diagnostics (a good option is to use boot a CD of the diagnostic program by the hard drive's manufacturer).

(A weeks ago I was surprised to find my system was hanging when a SAS scan got to a NON-system (i.e. not my boot drive) hard drive, because that hard drive showed errors (also surprising, the Hitachi Drive Fitness Test showed no errors on that drive, but HD Tune did. I feel confident it was hardware because rolling back my OS months didn't help, and replacing the hard drive [under warranty] resolved the issue.)

Share this post

Link to post
Share on other sites
Guest
This topic is now closed to further replies.
Go To Topic Listing
×
×
  • Create New...