Cranfield 1 Report post Posted September 29, 2018 A Custom scan has found " Trojan Agent DFRF(B) in C:\Windows\ System32\wscript.exe " > I had a message box stating, " The following objects were not removed for your own safety - C:\Windows\System32\wscript.exe - Removing these items bears an unusually high risk of crashing your operating system during automatic cleaning, as these threats are deeply embedded ..........go seek technical help, etc". I followed the link in the announcement box and there were loads of options, none seemed to refer directly to this named Trojan Agent, so I decided to post the query here. Share this post Link to post Share on other sites
stapp 150 Report post Posted September 29, 2018 Please follow the steps here and attach the requested logs so that one of our experts can help you. https://support.emsisoft.com/announcement/2-start-here-if-you-dont-we-are-just-going-to-send-you-back-to-this-thread/ Share this post Link to post Share on other sites
Cranfield 1 Report post Posted September 29, 2018 I have run the scans you asked for. Do I start a new thread entitled "Logs", or something similar, or do I copy and paste the logs on this thread. ? I notice other members have posted a blue link to their logs, I do not know how to do this. Share this post Link to post Share on other sites
Kevin Zoll 309 Report post Posted September 29, 2018 Hello, This is a False Positive detection and has been fixed. Update Emsisoft and run a fresh scan to double check that it is no longer detected. Share this post Link to post Share on other sites
Cranfield 1 Report post Posted September 30, 2018 A Malware scan shows clear now. Is a False Positive a detection error of the scan ? Share this post Link to post Share on other sites
Kevin Zoll 309 Report post Posted October 1, 2018 A False Postive is caused by an errant malware signature in the malware detection database. Our software has 2 detection engines that each have their own malware signature database. We have our own detection engine and we use the BitDefender detection engine. In this particular case, the signature that was causing the detection was one of BitDefender's and it was corrected and a database update was issued, shortly after the detection was reported to BitDefender. Share this post Link to post Share on other sites
Kevin Zoll 309 Report post Posted October 5, 2018 Thread Closed Reason: Resolved The procedures contained in this thread are for this user and this user only. Attempting to use the instructions in this thread on your system could result in damaging the Operating System beyond repair. Do Not use any of the tools mentioned in this thread without the supervision of a Malware Removal Specialist. All posters requesting Malware Removal assistance are required to follow all procedures in the thread titled START HERE if you don't we are just going to send you back to this thread. Share this post Link to post Share on other sites
