VJ Cow Posted June 16, 2012 Hi guys,I am new around this forum ... I was scanning my computer last 1 hour and SAS detected Trojan.Agent/Gen-Decay in these files: - C:\PROGRAM FILES\ADOBE\READER 10.0\READER\READER_SL.EXE - C:\WINDOWS\INSTALLER\$PATCHCACHE$\MANAGED\68AB67CA7DA73301B744AA0100000010\10.1.0\READER_SL.EXE - C:\Windows\Prefetch\READER_SL.EXE-E503013B.pf My antivirus couldn,t detected it,even with full scan.. is it a false positive?? Thanks for helping.. Share this post Link to post Share on other sites
coyote Posted June 16, 2012 Ditto. On both of my (XP Pro) machines. I submitted it as a (suspected) false positive. Not that I want Reader's Speed Launcher functionality, which I've always disabled the Startup of (which makes me wonder what it's doing in Prefetch). Share this post Link to post Share on other sites
ProTruckDriver Posted June 16, 2012 Yesterday I had 1 FP that is not fixed yet. Today I have 2 more. What's UP ? ALL reported with Built-in False Positive Reporter. SUPERAntiSpyware Scan Log https://www.superantispyware.com Generated 06/16/2012 at 01:27 PM Application Version : 5.0.1150 Core Rules Database Version : 8750 Trace Rules Database Version: 6562 Scan type : Complete Scan Total Scan Time : 00:31:00 Operating System Information Windows XP Professional 32-bit, Service Pack 3 (Build 5.01.2600) Administrator Memory items scanned : 414 Memory threats detected : 0 Registry items scanned : 35087 Registry threats detected : 0 File items scanned : 38106 File threats detected : 3 Trojan.Agent/Gen-Decay C:\PROGRAM FILES\ADOBE\READER 10.0\READER\READER_SL.EXE C:\WINDOWS\INSTALLER\$PATCHCACHE$\MANAGED\68AB67CA7DA73301B744AA0100000010\10.1.0\READER_SL.EXE Trojan.Agent/Gen-Chifrax C:\WINDOWS\$NTSERVICEPACKUNINSTALL$\WEXTRACT.EXE Share this post Link to post Share on other sites
mikew_nt Posted June 17, 2012 Passes on AVG, MBAM and Virus Total reports 0/42. Definitely a false positive. Share this post Link to post Share on other sites
VJ Cow Posted June 17, 2012 I hope SAS will fix this issue.. Thanks for the help guys.. I feel relieved.. Share this post Link to post Share on other sites
VJ Cow Posted June 17, 2012 By the way, I had deleted those files that was detected by SAS.. Should I reinstall my Adobe Reader?? Share this post Link to post Share on other sites
coyote Posted June 17, 2012 By the way, I had deleted those files that was detected by SAS.. Should I reinstall my Adobe Reader??Maybe (you want to uninstall/reinstall Reader). Might depend whether you like Reader's Speed Launcher functionality (which I've always disabled the Startup of, so I'm tempted to manually delete those files). Depending, and if Reader functions without those files, you might leave it as-is.Basically, Adobe Reader Speed Launcher starts with Windows, so that when you want to open a pdf it happens quicker. Personally I don't want my system to take on that overhead until I want to open a pdf. "Adobe Reader Speed Launcher...automatically starts upon log-in or start-up of your Windows PC. It runs only once at start-up or log-in and quickly opens and closes all the files Adobe Reader will use when it starts. This is done so the files are already pre-included in your system's memory when you choose to use the Adobe Reader application." Share this post Link to post Share on other sites
rwilles Posted June 17, 2012 Don't know if it is false. Computer was hung this morning. Had to pull the power to restart. Sas was the only scan to find anything (avast and malwarebytes). Quarantined files and rebooted. Comp will sleep now. Share this post Link to post Share on other sites
coyote Posted June 17, 2012 Don't know if it is false. Computer was hung this morning. Had to pull the power to restart. Sas was the only scan to find anything (avast and malwarebytes). Quarantined files and rebooted. Comp will sleep now.A lot of things can hang an operating system. As long as yours is idle, you might want to boot to a CD to run RAM diagnostics, and to run hard drive diagnostics (a good option is to use boot a CD of the diagnostic program by the hard drive's manufacturer).(A weeks ago I was surprised to find my system was hanging when a SAS scan got to a NON-system (i.e. not my boot drive) hard drive, because that hard drive showed errors (also surprising, the Hitachi Drive Fitness Test showed no errors on that drive, but HD Tune did. I feel confident it was hardware because rolling back my OS months didn't help, and replacing the hard drive [under warranty] resolved the issue.) Share this post Link to post Share on other sites
SAS Customer Service Posted June 17, 2012 The Trojan.Agent/Gen-Decay Adobe detection is a false positive. Share this post Link to post Share on other sites