[CLOSED] Trojan detected Trj/GdSda.A Location: Memory (C:\Windows\SysWOW64\explorer.exe)

Container for RESOLVED incidents, queries SOLVED by the experts, EXPIRED topics or those that have been CLOSED by the users.
Locked
lenshoek
Registered user
Registered user
Posts: 1
Joined: Mon, 30 Jan 2017, 22:14

[CLOSED] Trojan detected Trj/GdSda.A Location: Memory (C:\Windows\SysWOW64\explorer.exe)

Post by lenshoek »

I have the following trojan detected but am unable to quarantine or remove.


Computer vaccinated Your computer has been vaccinated. 1/30/2017 9:29 AM Vaccinated
Scan Scanning: Critical areas 1/30/2017 9:31 AM Started
Trojan detected Trj/GdSda.A Location: Memory (C:\Windows\SysWOW64\explorer.exe) 1/30/2017 9:40 AM
Trojan detected Trj/GdSda.A Location: Memory (C:\Windows\SysWOW64\explorer.exe) 1/30/2017 9:40 AM
Scan Scanning: Critical areas 1/30/2017 9:43 AM Finished


I've also tried running scan via usb boot - but then this Trojan was not detected. Any idea's? Should I try to delete explorer.exe via usb boot?

Thanks for your help!
User avatar
VirusBuster
Official moderator
Official moderator
Posts: 7595
Joined: Mon, 02 Apr 2012, 18:53
Location: Panda HQ - Bilbao

Re: Trojan detected Trj/GdSda.A Location: Memory (C:\Windows\SysWOW64\explorer.exe)

Post by VirusBuster »

As it was located in memory, it means that the process was running
After rebooting the process is unloaded

By default the one that should be loaded is C:\Windows\explorer.exe

Can you manually scan C:\Windows\SysWOW64\explorer.exe?
Regards,

Image
Jorge Torre
TechSupport Department - Panda Security

I don't reply to private messages unless I have previously requested them
User avatar
VirusBuster
Official moderator
Official moderator
Posts: 7595
Joined: Mon, 02 Apr 2012, 18:53
Location: Panda HQ - Bilbao

Re: Trojan detected Trj/GdSda.A Location: Memory (C:\Windows\SysWOW64\explorer.exe)

Post by VirusBuster »

Topic closed due to lack of response
TOPIC CLOSED
Regards,

Image
Jorge Torre
TechSupport Department - Panda Security

I don't reply to private messages unless I have previously requested them
Locked

Return to “Virus - Archive Issues”