This morning I updated the latest def. of Windows Defender. All of the sudden it detects Adware Win32/Generic.A Trojan whenever I start Spyware Terminator. I tried putting it in Quarantine or eliminating it but I think I will have to uninstall ST. Is this a false positive and how to solve the problem? Avast didn’t detect anything. ???
It’s not a file but a process. It is only detected by Windows defender (latest update). It is only detected after I open Spyware Terminator. The warning window from WD opens and if I take action to delete or quarantine the Trojan, ST closes. Do you run both ST and WD on your PC? I scanned with SAS without any problem. I have now two options to click Ignore in WD or to wait and see for the next updates to fix this. I can’t trace this to a file! :o
Did a scan with Avast v. 4.8 and also HiJack This:all are negative about that virus. As I said it is linked to the opening of ST. I’ll try to find the file in my ST folder and scan it on Virus Total. Meanwhile, this is the screen shot of my Windows Defender Warning message.
Off course, I don’t have any Windows Defender warning when i run a scan and ST (I have resident protection on) happens to be closed. Now I know Crawler uses some information to improve their software…
Thanks Tech. I forgot to place RP OFF in ST and this may be an example of interference. Anyways I reported this as FALSE POSITIVE in the MSDN Microsoft WD Forum, we’ll see what they say about it. Anyway, it’s frightening all of a sudden to face off a Warning message telling you you have a Trojan Horse (I let a friend open attachments in his hotmail account yesterday, that’s why, because he couldn’t connect to the web at home as he said…) >:(
When you next get this, make a note of the pid number (in the image, pid:4656), now go to windows Task Manager and see what process matches the pid:number.
These are my comments if recommending ST, Resident scanner (if you use this don’t install the toolbar or crawler or the anti-virus module).
Do you have the ST toolbar or crawler enabled, because for a long time crawler was considered adware ?
So it may be the toolbar or crawler that it is objecting to and since it is an Adware generic detection signature that could be it.
I have PID 4076 now when I start ST and can’t see it in service except for a PID 4052 SBSD Security Center Service. I choose to always allow it. This solves the problem. In effect, I choose in the past to install the Crawler Bar but later uninstalled it. My only error. Is this really a virus/Spyware? I don’t think so! :-X
I’m at a loss as to what it might be how it can report a PID that isn’t in the task manager, unless because you are killing it, when you come to check the task manager it is no longer there. Try ignoring the alert once and then check if the PID number is in the Task Manager.
Or you could use a utility called Process Explorer (I haven’t got a link yet), used to be sysinternals.com but it is now bought out by Microsoft, who continue its development.
David I already have Process Explorer. I reproduced the problem and had PID 2144 linked to Spyware Terminator.exe (under the arborescence of sp_rsser.exe). Can’t be anything else:false positive. Let’s wait for Microsoft and its next update. Sorry for all that fuss!!!
Just to let all know that Microsoft solved the problem with its 303 KB def. update of Windows Defender today. Still don’t know how they could be so wrong!!! :-X