Tech Support Forum - View Single Post - Infected by trojans in pseudo-codec

yst_dfm · 11-08-2008, 12:04 PM

Hello Ried

Thank you for your response and the detailed guidelines. I have already performed an online scan with Kasperski a few days ago following the same steps that you suggested in your previous post. It took more than 8 hrs to complete, so I thought I should post the existing log first and ask you if you think I should do the scan again. Here is the log:

KASPERSKY ONLINE SCANNER 7 REPORTKASPERSKY ONLINE SCANNER 7 REPORT
Monday, November 3, 2008
Operating System: Microsoft Windows XP Home Edition Service Pack 3 (build
2600)
Kaspersky Online Scanner 7 version: 7.0.25.0
Program database last update: Sunday, November 02, 2008 20:15:38
Records in database: 1367929

Scan settings
Scan using the following databaseextended
Scan archivesyes
Scan mail databasesyes

Scan areaMy Computer
C:\
D:\
E:\
F:\
I:\

Scan statistics
Files scanned218675
Threat name2
Infected objects3
Suspicious objects0
Duration of the scan15:42:01

File nameThreat nameThreats count
I:\FILES\INTELLIGEN\SPD Work\First month\C++ LEARNING\HTP Examples\HTP-1
Basic Programming Concepts\debug\HTP-1.1.exeInfected:
VirTool.Win32.MS04-028.bq1

I:\FILES\MANUAL\VAIO\NEW FILES_2008\WORK\INTELLIGEN\C++\HTP Examples\HTP-1
Basic Programming Concepts\debug\HTP-1.1.exeInfected:
VirTool.Win32.MS04-028.bq1

I:\FILES\MANUAL\VAIO\temp\MP3\07 Track 7.wmaInfected:
Trojan-Downloader.WMA.Wimad.l1

The selected area was scanned.

Please note that file HTP-1.1.exe is a file I built when I was learning C++ and it is six months old. Probably a false positive, right?

Regarding drive D:, as far as I am concerned it is just an ordinary partition (based on the approach that C: should have system files and D: user files). I think that VAIO's recovery files are stored in a hidden partition which is not accessible by Windows.

Thank you again for your time!!! Much appreciated!

11-08-2008, 12:04 PM	#8 (permalink)
yst_dfm Registered User Join Date: Nov 2008 Posts: 10 OS: xp	Re: Infected by trojans in pseudo-codec Hello Ried Thank you for your response and the detailed guidelines. I have already performed an online scan with Kasperski a few days ago following the same steps that you suggested in your previous post. It took more than 8 hrs to complete, so I thought I should post the existing log first and ask you if you think I should do the scan again. Here is the log: KASPERSKY ONLINE SCANNER 7 REPORTKASPERSKY ONLINE SCANNER 7 REPORT Monday, November 3, 2008 Operating System: Microsoft Windows XP Home Edition Service Pack 3 (build 2600) Kaspersky Online Scanner 7 version: 7.0.25.0 Program database last update: Sunday, November 02, 2008 20:15:38 Records in database: 1367929 Scan settings Scan using the following databaseextended Scan archivesyes Scan mail databasesyes Scan areaMy Computer C:\ D:\ E:\ F:\ I:\ Scan statistics Files scanned218675 Threat name2 Infected objects3 Suspicious objects0 Duration of the scan15:42:01 File nameThreat nameThreats count I:\FILES\INTELLIGEN\SPD Work\First month\C++ LEARNING\HTP Examples\HTP-1 Basic Programming Concepts\debug\HTP-1.1.exeInfected: VirTool.Win32.MS04-028.bq1 I:\FILES\MANUAL\VAIO\NEW FILES_2008\WORK\INTELLIGEN\C++\HTP Examples\HTP-1 Basic Programming Concepts\debug\HTP-1.1.exeInfected: VirTool.Win32.MS04-028.bq1 I:\FILES\MANUAL\VAIO\temp\MP3\07 Track 7.wmaInfected: Trojan-Downloader.WMA.Wimad.l1 The selected area was scanned. Please note that file HTP-1.1.exe is a file I built when I was learning C++ and it is six months old. Probably a false positive, right? Regarding drive D:, as far as I am concerned it is just an ordinary partition (based on the approach that C: should have system files and D: user files). I think that VAIO's recovery files are stored in a hidden partition which is not accessible by Windows. Thank you again for your time!!! Much appreciated!