Tara Posted April 23, 2013 Hi I've just run SAS for the first time in 225 days (as I don't use this old laptop anymore) and it has picked up 'Trojan.Agent/Gen-Chifrax' which I have quarantined. The trojan is reported as being found in: PROGRAM FILES\MICROSOFT COMPONENT INSTALLER SDK FOR WINDOWS\IEXPRESS\WEXTRACT.EXE My Kaspersky Internet Security scan didn't pick up any issues. What do you recommend I should do from here please? Leave the file where it is? How do I check if its a false positive? Thanks in advance! Share this post Link to post Share on other sites
SAS Customer Service Posted April 23, 2013 Make sure you are using the newest version of SUPERAntiSpyware 5.6.1014 with the newest definitions database, 10305. If you are, restore that item from quarantine then do a complete scan and use the built-in false positive reporter at the end of the scan: https://forums.superantispyware.com/index.php?/topic/6825-how-to-submit-false-positives/ Share this post Link to post Share on other sites
Tara Posted April 23, 2013 Ok, but I have to say I'm not keen on letting it back into my system in case it's real. If it's a genuine Trojan, will the testers let me know so I can act? Thanks Share this post Link to post Share on other sites
SAS Customer Service Posted April 24, 2013 If the item is determined to be a false positive by our definitions team, it will no longer be detected in a scan. Based on the file path it is likely a false positive but you are free to leave that item in quarantine if its removal is not causing you any issues. Share this post Link to post Share on other sites
Tara Posted April 25, 2013 I've reported the file and I'll pop back when I know more, as the outcome may help others in the future - thanks. Share this post Link to post Share on other sites