IPB

Welcome Guest ( Log In | Register )

 
Reply to this topicStart new topic
> Shortcuts reported as Trojans
Stormlight
post 18.02.2012 02:02
Post #1


Newbie
*

Group: Members
Posts: 4
Joined: 16.04.2008




When I opened a folder with shortcuts, Kaspersky immediately deleted two of my shortcuts saying that they were infected with a Trojan. Since I didn't believe it was possible for shortcuts to be infected I decided I needed to see what programs they pointed to. I restored the links and checked the Properties. Both shortcuts pointed to Control Panel modules:

SB Audio Console
Realtek HD Sound Effect Manager

Both were supposedly infected with "exploit.win32.cve-2010-2568.gen".

These programs are part of my sound system, although they are probably not booted up when I start my computer. I tried to restore these links a number of times to investigate further but now Kaspersky kept deleting them. Eventually a large window came up that wanted to use a special way to disinfect one of these shortcuts (SB Audio Console) along with saying "Windows Explorer is trying to get access to malicious software" even though I had NOT clicked on the shortcut. I terminated the process, although report now says that it this file "will be processed after the computer reboot".

What I don't understand is that Kaspersky scans part of my computer every time I boot up and I would think these are unusual programs to have a Trojan. But maybe not. I've also done a complete scan, about a month ago. Why are these warnings showing up and are they valid?

Any advice or insight would be appreciated.

Thanks.

[Update] Right after posting this, I did a complete scan of my "C:\WINDOWS" directory where, I assume, these programs would be found. There were no infections reported.



This post has been edited by Stormlight: 18.02.2012 02:16
Go to the top of the page
 
+Quote Post
richbuff
post 18.02.2012 03:42
Post #2


Oldtimer
****************

Group: Moderators
Posts: 47428
Joined: 14.06.2007




Looks like a false positive. Please send full details to the Lab, instructions are located in the third important topic located near the top of the Virus section of this forum. And here: http://forum.kaspersky.com/index.php?showtopic=13881

_


--------------------
Please see the Important topics, located at the top of this section, and at the top of other sections of this forum.
Go to the top of the page
 
+Quote Post
Stormlight
post 18.02.2012 03:52
Post #3


Newbie
*

Group: Members
Posts: 4
Joined: 16.04.2008





Thank you! I'll send in a report.

Your help was much appreciated.

Dave
Go to the top of the page
 
+Quote Post
edworld
post 27.07.2012 08:47
Post #4


Newbie
*

Group: Members
Posts: 1
Joined: 21.06.2012




Exploit.Win32.CVE-2012-2568.gen is really a false positive???
i found that trojan on my DNS Server and AD Server, how i remove that trojan?
Thanx

This post has been edited by edworld: 27.07.2012 08:49
Go to the top of the page
 
+Quote Post
richbuff
post 27.07.2012 08:56
Post #5


Oldtimer
****************

Group: Moderators
Posts: 47428
Joined: 14.06.2007




Welcome. Name of file detected as? Full path/location of file?

Please see the small print that is located at the bottom of this message.


--------------------
Please see the Important topics, located at the top of this section, and at the top of other sections of this forum.
Go to the top of the page
 
+Quote Post

Reply to this topicStart new topic

 



Lo-Fi Version Time is now: 23.04.2014 19:53