Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie
Hi there,
There is an issue with role permissions that is being worked on at the moment.
If you are having trouble with access or permissions on regional forums please post here to get access: https://www.boards.ie/discussion/2058365403/you-do-not-have-permission-for-that#latest

trojan.agent\genclickdownload

  • 05-05-2012 1:54pm
    #1
    Departed
    Registered Users, Registered Users 2 Posts: 306 ✭✭


    I found a trojan.agent\genclickdownload in an exe file on a scan. I had never executed it. When it was found i executed it in a sandbox and the firewall flagged it was strying to connect . stopped it. Am I ok when I never executed it? It was in a download but I did not use that.

    Does this work as something that tries to download a trojan when executed as distinct from being one?

    Thanks


Comments

  • #2
    yoyo
    Moderators, Technology & Internet Moderators Posts: 11,017 Mod ✭✭✭✭yoyo


    Departed wrote: »
    I found a trojan.agent\genclickdownload in an exe file on a scan. I had never executed it. When it was found i executed it in a sandbox and the firewall flagged it was strying to connect . stopped it. Am I ok when I never executed it? It was in a download but I did not use that.

    Does this work as something that tries to download a trojan when executed as distinct from being one?

    Thanks

    First things first, never trust sandboxing applications, I've heard that many virus writers exploit these systems and can let the virus "leak through" it. It does sound like a virus, probably a fake alerts/anti virus scam application. I would delete the exe and run a Malwarebytes/Super anti spyware scan and be alert for suspicious activity, I'd say in this instance the sandbox application worked but do not for a moment trust that to protect you

    Nick

    My Beer Glass collection site 🍺

    My Irish Callcards site



  • #3
    Departed
    Registered Users, Registered Users 2 Posts: 306 ✭✭Departed


    yoyo wrote: »
    First things first, never trust sandboxing applications, I've heard that many virus writers exploit these systems and can let the virus "leak through" it. It does sound like a virus, probably a fake alerts/anti virus scam application. I would delete the exe and run a Malwarebytes/Super anti spyware scan and be alert for suspicious activity, I'd say in this instance the sandbox application worked but do not for a moment trust that to protect you

    Nick
    that found it and i removed it. But since i had not run the exe before I think am Ok? Thanks. noted re sandbox too. When i ran in sand box it tried to connect but comodo gave me opp to block it and i did. Doing MBAM scan now


  • #4
    yoyo
    Moderators, Technology & Internet Moderators Posts: 11,017 Mod ✭✭✭✭yoyo


    Departed wrote: »
    that found it and i removed it. But since i had not run the exe before I think am Ok? Thanks. noted re sandbox too. When i ran in sand box it tried to connect but comodo gave me opp to block it and i did

    It sounds to me like you are ok, as the file you downloaded likely had to download the virus and execute it which you didn't give it a chance to, do run scans just in case but I would think in this instance your ok

    Nick

    My Beer Glass collection site 🍺

    My Irish Callcards site



  • #5
    Odaise Gaelach
    Registered Users, Registered Users 2 Posts: 1,235 ✭✭✭Odaise Gaelach


    yoyo's perfectly right: unless you're sure it's a false positive you should never run a program flagged by an anti-virus application, even in a sandbox. Run a full scan with your anti-virus application and be vigilant for suspicious activity. :)


Advertisement