I have the following trojan detected but am unable to quarantine or remove.
Computer vaccinated Your computer has been vaccinated. 1/30/2017 9:29 AM Vaccinated
Scan Scanning: Critical areas 1/30/2017 9:31 AM Started
Trojan detected Trj/GdSda.A Location: Memory (C:\Windows\SysWOW64\explorer.exe) 1/30/2017 9:40 AM
Trojan detected Trj/GdSda.A Location: Memory (C:\Windows\SysWOW64\explorer.exe) 1/30/2017 9:40 AM
Scan Scanning: Critical areas 1/30/2017 9:43 AM Finished
I've also tried running scan via usb boot - but then this Trojan was not detected. Any idea's? Should I try to delete explorer.exe via usb boot?
Thanks for your help!
[CLOSED] Trojan detected Trj/GdSda.A Location: Memory (C:\Windows\SysWOW64\explorer.exe)
- VirusBuster
- Official moderator
- Posts: 7595
- Joined: Mon, 02 Apr 2012, 18:53
- Location: Panda HQ - Bilbao
Re: Trojan detected Trj/GdSda.A Location: Memory (C:\Windows\SysWOW64\explorer.exe)
As it was located in memory, it means that the process was running
After rebooting the process is unloaded
By default the one that should be loaded is C:\Windows\explorer.exe
Can you manually scan C:\Windows\SysWOW64\explorer.exe?
After rebooting the process is unloaded
By default the one that should be loaded is C:\Windows\explorer.exe
Can you manually scan C:\Windows\SysWOW64\explorer.exe?
Regards,
Jorge Torre
TechSupport Department - Panda Security
I don't reply to private messages unless I have previously requested them
Jorge Torre
TechSupport Department - Panda Security
I don't reply to private messages unless I have previously requested them
- VirusBuster
- Official moderator
- Posts: 7595
- Joined: Mon, 02 Apr 2012, 18:53
- Location: Panda HQ - Bilbao
Re: Trojan detected Trj/GdSda.A Location: Memory (C:\Windows\SysWOW64\explorer.exe)
Topic closed due to lack of response
TOPIC CLOSED
TOPIC CLOSED
Regards,
Jorge Torre
TechSupport Department - Panda Security
I don't reply to private messages unless I have previously requested them
Jorge Torre
TechSupport Department - Panda Security
I don't reply to private messages unless I have previously requested them