Shortcuts reported as Trojans - Kaspersky Lab Forum

IPB

Kaspersky Lab Technical Support

Kaspersky Lab's Fan Club

Welcome Guest ( Log In | Register )

Kaspersky Lab Forum > English User Forum > Protection for Home Users > Kaspersky Internet Security & Anti-Virus

Reply to this topic

Start new topic

Shortcuts reported as Trojans

Stormlight View Member Profile	18.02.2012 02:02 Post #1
Newbie Group: Members Posts: 4 Joined: 16.04.2008	When I opened a folder with shortcuts, Kaspersky immediately deleted two of my shortcuts saying that they were infected with a Trojan. Since I didn't believe it was possible for shortcuts to be infected I decided I needed to see what programs they pointed to. I restored the links and checked the Properties. Both shortcuts pointed to Control Panel modules: SB Audio Console Realtek HD Sound Effect Manager Both were supposedly infected with "exploit.win32.cve-2010-2568.gen". These programs are part of my sound system, although they are probably not booted up when I start my computer. I tried to restore these links a number of times to investigate further but now Kaspersky kept deleting them. Eventually a large window came up that wanted to use a special way to disinfect one of these shortcuts (SB Audio Console) along with saying "Windows Explorer is trying to get access to malicious software" even though I had NOT clicked on the shortcut. I terminated the process, although report now says that it this file "will be processed after the computer reboot". What I don't understand is that Kaspersky scans part of my computer every time I boot up and I would think these are unusual programs to have a Trojan. But maybe not. I've also done a complete scan, about a month ago. Why are these warnings showing up and are they valid? Any advice or insight would be appreciated. Thanks. [Update] Right after posting this, I did a complete scan of my "C:\WINDOWS" directory where, I assume, these programs would be found. There were no infections reported. This post has been edited by Stormlight: 18.02.2012 02:16

richbuff View Member Profile	18.02.2012 03:42 Post #2
Oldtimer Group: Moderators Posts: 43466 Joined: 14.06.2007	Looks like a false positive. Please send full details to the Lab, instructions are located in the third important topic located near the top of the Virus section of this forum. And here: http://forum.kaspersky.com/index.php?showtopic=13881 _ -------------------- Please see the Important topics, located at the top of this section, and at the top of other sections of this forum.

Stormlight View Member Profile	18.02.2012 03:52 Post #3
Newbie Group: Members Posts: 4 Joined: 16.04.2008	Thank you! I'll send in a report. Your help was much appreciated. Dave

edworld View Member Profile	27.07.2012 08:47 Post #4
Newbie Group: Members Posts: 1 Joined: 21.06.2012	Exploit.Win32.CVE-2012-2568.gen is really a false positive??? i found that trojan on my DNS Server and AD Server, how i remove that trojan? Thanx This post has been edited by edworld: 27.07.2012 08:49

richbuff View Member Profile	27.07.2012 08:56 Post #5
Oldtimer Group: Moderators Posts: 43466 Joined: 14.06.2007	Welcome. Name of file detected as? Full path/location of file? Please see the small print that is located at the bottom of this message. -------------------- Please see the Important topics, located at the top of this section, and at the top of other sections of this forum.

« Next Oldest · Kaspersky Internet Security & Anti-Virus · Next Newest »

Reply to this topic

Start new topic

Display Mode: Standard · Switch to: Linear+ · Switch to: Outline

Track this topic · Email this topic · Print this topic · Subscribe to this forum

Lo-Fi Version

Time is now: 19.06.2013 14:59

Powered By IP.Board © 2013 IPS, Inc.

Licensed to: Kaspersky Lab