SAS just picked up 'Trojan.Agent/Gen-Chifrax' on old laptop

[Tara]

Hi

 

I've just run SAS for the first time in 225 days (as I don't use this old laptop anymore) and it has picked up 'Trojan.Agent/Gen-Chifrax' which I have quarantined.

 

 

The trojan is reported as being found in:

PROGRAM FILES\MICROSOFT COMPONENT INSTALLER SDK FOR WINDOWS\IEXPRESS\WEXTRACT.EXE

 

My Kaspersky Internet Security scan didn't pick up any issues.

 

 

What do you recommend I should do from here please?  Leave the file where it is?  How do I check if its a false positive?

 

 

 

 

Thanks in advance!

[SAS Customer Service]

Make sure you are using the newest version of SUPERAntiSpyware 5.6.1014 with the newest definitions database, 10305. If you are, restore that item from quarantine then do a complete scan and use the built-in false positive reporter at the end of the scan: https://forums.superantispyware.com/index.php?/topic/6825-how-to-submit-false-positives/
 

[Tara]

Ok, but I have to say I'm not keen on letting it back into my system in case it's real.

 

If it's a genuine Trojan, will the testers let me know so I can act?

 

 

Thanks

 

 

[SAS Customer Service]

If the item is determined to be a false positive by our definitions team, it will no longer be detected in a scan. Based on the file path it is likely a false positive but you are free to leave that item in quarantine if its removal is not causing you any issues.

[Tara]

I've reported the file and I'll pop back when I know more, as the outcome may help others in the future - thanks.