Jump to content

Possible false positive Trojan.Agent


baedric

Recommended Posts

Last night MBAM found Trojan.Agent while my son (E) was on his limited account. Strangely, it was on his brother (A) account. I let MBAM try and get rid of it but upon reboot it was found again. I exited out of his account and ran MBAM and Emsisoft Anti-Malware on my administrator account and nothing was found. I logged into his brothers (A) account this am and it found 2 Trojan.Agent in (E) account. I let it try and get rid of them and it did get rid of one of them but upon reboot, one Trojan.Agent remains in Each boys account. I have to wonder if this is not a fp associated with family safety or something? The computer is Windows 8.1 x64 with very little other software installed. I just reinstalled windows recently and upgraded to 8.1. It "should" be clean...

 

Thanks in advance,

 

Ben 

Link to post
Share on other sites

Hi,

 

According to the log, c:\users\eli\documents\my pictures is actually a file that is detected here.

Can you please verify if this is the case?? I know there's a folder there which is also called "My Pictures", but in this case, (in your case), there's also a file present there, called My pictures (so not a folder).

If so, can you zip and attach this file here?

Link to post
Share on other sites

Weird,

 

Might have been a reading error maybe and that's why we made a small change to that detection, so it won't detect this anymore just in case of a reading error.

Can you update the database and see if it's still detected?

Thanks for all your assistance!

I updated the db and it is no longer detected.

 

Thanks again!

Link to post
Share on other sites

Archived

This topic is now archived and is closed to further replies.

  • Recently Browsing   0 members

    No registered users viewing this page.

Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.