Jump to content

Possible false postive?

Recommended Posts

good morning. Today i was doing my scans with malware and it found a trojan agent.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run|47510 (Trojan.Agent) -> Data: C:\PROGRA~3\LOCALS~1\Temp\mscotiwy.exe -> Delete on reboot

i have been going over trying to kill this thing non stop all day running in safe mode/safe mode network/safe mode command prompt. Everytime i complete the scan it find this and removes it but when i shutdown and come back to safe mode its back again . I have run both AVG and HitmanPro and bot have not flagged this file as a trojan.

Has anyone else come accross this i have searched the interent and nothing has come up regarding this location number.

Link to post
Share on other sites

Hello and welcome, sibu: <_<

It appears that you have an identical duplicate topic for this inquiry over in the False Positives section here? http://forums.malwar...howtopic=125958

While waiting for the MBAM staff to reply over there in that other topic, please have a look at this pinned topic: READ BEFORE REPORTING A FALSE POSITIVE!

It contains some helpful advice about the information the MBAM engineers will likely need in order to determine whether or not this particular detection is a False Positive.

OTOH, if you think you might be infected, please follow the recommendations in this pinned topic: Available Assistance for Possibly Infected Computers

One of the malware experts will assist you with looking into this problem.

Thanks very much,


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.