
Process "User Memory" belongs to virus/spyware 'Troj/KvterMem-A'.

Last night, we got a handful of daily scan alerts saying:

Process "User Memory" belongs to virus/spyware 'Troj/KvterMem-A'.

Virus/spyware 'Troj/KvterMem-A' has been removed.


Between last night and this morning, Sophos has removed the page regarding this particular trojan. I'd like to know how to find out what, exactly, got flagged and if this might be a false positive or a problem with the latest definition release.



This thread was automatically locked due to age.
  • We also got some of these alerts. It was a false positive; this has been confirmed by Sophos' support:
    ____
    Good afternoon
    Please note that this is a f/p; a fix for this was already released.
    The Fix is contained in this IDE file
    A fix for the Troj/KvterMem-A false positive was published in:

    msil-fnt.ide

    Revision: 0
    In data version: 5.25
    Created: Wed, 03 Feb 2016 12:03:49 +0000
    Finished: Wed, 03 Feb 2016 15:29:59 +0000
    _____________


    I hope this helps.