Cranfield

CLOSED TrojanAgent DFRF(B)

Recommended Posts

A Custom scan has found " Trojan Agent DFRF(B) in C:\Windows\ System32\wscript.exe " > I had a message box stating, " The following objects were not removed for your own safety - C:\Windows\System32\wscript.exe - Removing these items bears an unusually high risk of crashing your operating system during automatic cleaning, as these threats are deeply embedded ..........go seek technical help, etc".

I followed the link in the announcement box and there were loads of options, none seemed to refer directly to this named Trojan Agent, so I decided to post the query here.

Share this post


Link to post
Share on other sites

I have run the scans you asked for.

Do I start a new thread entitled "Logs", or something similar, or do I copy and paste the logs on this thread. ?

I notice other members have posted a blue link to their logs, I do not know how to do this.

Share this post


Link to post
Share on other sites

Hello,

This is a False Positive detection and has been fixed.  Update Emsisoft and run a fresh scan to double check that it is no longer detected.

Share this post


Link to post
Share on other sites

A False Postive is caused by an errant malware signature in the malware detection database.  Our software has 2 detection engines that each have their own malware signature database.  We have our own detection engine and we use the BitDefender detection engine. In this particular case, the signature that was causing the detection was one of BitDefender's and it was corrected and a database update was issued, shortly after the detection was reported to BitDefender.

Share this post


Link to post
Share on other sites

Thread Closed

Reason: Resolved

The procedures contained in this thread are for this user and this user only.  Attempting to use the instructions in this thread on your system could result in damaging the Operating System beyond repair.  Do Not use any of the tools mentioned in this thread without the supervision of a Malware Removal Specialist.

All posters requesting Malware Removal assistance are required to follow all procedures in the thread titled START HERE if you don't we are just going to send you back to this thread.

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.

  • Recently Browsing   0 members

    No registered users viewing this page.