Hello!
Today i made my first full scan on my new computer (2 weeks old) and it found almost 5000 infected files. Most files are from the C:\System Volume Information folder. I added the log file. I did nothing because they are from a system folder. Will be waiting for your answer.
Are these all a false positive or not?
Thank you!
Full Version: Win32.Trojan.Agent
Lavasoft Support Forums > Archived Topics > Archives: Resolved/Inactive Topics > Resolved/Inactive False Postive Issues
Hello Voro
Thank you for reporting this. The files that are detected (as win32.trojan.agent) are actually all copies of the same file. We will reinvestigate the file and if it is found to be a false detection it will be removed from detection with the next definition file update.
Regards
LS Anders
Thank you for reporting this. The files that are detected (as win32.trojan.agent) are actually all copies of the same file. We will reinvestigate the file and if it is found to be a false detection it will be removed from detection with the next definition file update.
Regards
LS Anders
QUOTE(voro @ Jan 4 2009, 11:00 AM) 
Hello!
Today i made my first full scan on my new computer (2 weeks old) and it found almost 5000 infected files. Most files are from the C:\System Volume Information folder. I added the log file. I did nothing because they are from a system folder. Will be waiting for your answer.
Are these all a false positive or not?
Thank you!
Today i made my first full scan on my new computer (2 weeks old) and it found almost 5000 infected files. Most files are from the C:\System Volume Information folder. I added the log file. I did nothing because they are from a system folder. Will be waiting for your answer.
Are these all a false positive or not?
Thank you!
Hi voro!
This file is not to be considered as a false positive. According to the posted Ad-Aware log-file the 4962 detected files are copies of the same file with the original file name "wowfx.dll".
If you upload/scan the file at, for example, "virustotal.com" you will find that the file also is detected by many other vendors.
Also, according to the posted log-file, all occurrences of the file is detected within system restore on your system.
In order to clean the System Restore properly it should be disabled during the scan/clean. System Restore could then be re-enabled when the scan/clean is finished.
Note - !! When disabling System Restore you will lose the last system restore point !!
If you wish to disable/re-enable System Restore, then here is how to do that operation on Windows XP:
Note - !! When disabling System Restore you will lose the last system restore point !!
1. Close all programs that are opened.
2. Right-click on My Computer, then select Properties and launch System Properties.
3. Then click on the System Restore tab.
4. The next step is to select the "Turn off System Restore" check box for all separate drives.
5. Then click Apply, and click Yes when the system asks if you want to turn off System Restore.
6. Click OK.
7. Now conduct the scan of all hard drives and all files using your preferred scanner.
Enabling System Restore after the scan:
1. Right-click on My Computer, then select Properties and launch System Properties.
2. Then click on the System Restore tab.
3. Uncheck the "Turn off System Restore" check-boxes for all separate drives.
4. Click Apply and click OK to finish.
Regards,
LS Pekka
Lavasoft Research
QUOTE(LS Pekka @ Jan 5 2009, 09:28 AM)
Hi voro!
This file is not to be considered as a false positive. According to the posted Ad-Aware log-file the 4962 detected files are copies of the same file with the original file name "wowfx.dll".
If you upload/scan the file at, for example, "virustotal.com" you will find that the file also is detected by many other vendors.
Also, according to the posted log-file, all occurrences of the file is detected within system restore on your system.
In order to clean the System Restore properly it should be disabled during the scan/clean. System Restore could then be re-enabled when the scan/clean is finished.
Note - !! When disabling System Restore you will lose the last system restore point !!
If you wish to disable/re-enable System Restore, then here is how to do that operation on Windows XP:
Note - !! When disabling System Restore you will lose the last system restore point !!
1. Close all programs that are opened.
2. Right-click on My Computer, then select Properties and launch System Properties.
3. Then click on the System Restore tab.
4. The next step is to select the "Turn off System Restore" check box for all separate drives.
5. Then click Apply, and click Yes when the system asks if you want to turn off System Restore.
6. Click OK.
7. Now conduct the scan of all hard drives and all files using your preferred scanner.
Enabling System Restore after the scan:
1. Right-click on My Computer, then select Properties and launch System Properties.
2. Then click on the System Restore tab.
3. Uncheck the "Turn off System Restore" check-boxes for all separate drives.
4. Click Apply and click OK to finish.
Regards,
LS Pekka
Lavasoft Research
This file is not to be considered as a false positive. According to the posted Ad-Aware log-file the 4962 detected files are copies of the same file with the original file name "wowfx.dll".
If you upload/scan the file at, for example, "virustotal.com" you will find that the file also is detected by many other vendors.
Also, according to the posted log-file, all occurrences of the file is detected within system restore on your system.
In order to clean the System Restore properly it should be disabled during the scan/clean. System Restore could then be re-enabled when the scan/clean is finished.
Note - !! When disabling System Restore you will lose the last system restore point !!
If you wish to disable/re-enable System Restore, then here is how to do that operation on Windows XP:
Note - !! When disabling System Restore you will lose the last system restore point !!
1. Close all programs that are opened.
2. Right-click on My Computer, then select Properties and launch System Properties.
3. Then click on the System Restore tab.
4. The next step is to select the "Turn off System Restore" check box for all separate drives.
5. Then click Apply, and click Yes when the system asks if you want to turn off System Restore.
6. Click OK.
7. Now conduct the scan of all hard drives and all files using your preferred scanner.
Enabling System Restore after the scan:
1. Right-click on My Computer, then select Properties and launch System Properties.
2. Then click on the System Restore tab.
3. Uncheck the "Turn off System Restore" check-boxes for all separate drives.
4. Click Apply and click OK to finish.
Regards,
LS Pekka
Lavasoft Research
Thank you very much for the support!
Keep up the good work!
Hi Voro!
I´m glad it sorted out
Regards,
LS Pekka
Lavasoft Research
I´m glad it sorted out
Regards,
LS Pekka
Lavasoft Research
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.