Jump to content


Photo

Trojan.heur.25


  • Please log in to reply
No replies to this topic

#1 roy142857

roy142857

    Newbie

  • Members
  • 1 posts

Posted 18 February 2009 - 11:21 AM

Hi

I've just done a deep scan with BitDefender Total Security 2009 on my PC (it's running Windows XP Pro), as have been having system problems - most now seem resolved and system seems to be running ok, but concerned that BitDefender is reporting 14 items as infected with the Gen:Trojan.Heur.25 and saying 'no action is possible'. The two files that seem to have been causing the problems were a version of explorer.exe in the wrong place and a file called mshelp.exe which seem to have got themselves into the system when I was running BitDefender 2008.

Files reported as infected are Explorer.EXE (in Windows not in Windows/System32 so should be the genuine version); rundll32.exe, spoolsv.exe and ctfmon.exe (all located in Windows/System32 which I think is correct); ATnotes.exe which I've been running for quite a long time and is located in Program Files/ATnotes, where I'd expect it, two BitDefender 2009 files - vsserv.exe and bdagent.exe, plus six reports of svchost.exe plus a Hewlett Packard file statusclient.exe (again in the part of the Hewlett-Packard folder I'd expect to find it in). In each case 'memory dump' appears in brackets after the reporting line - can't find a reference to 'memory dump' in BitDefender Help.

Additionally I have one extra file reported as having Trojan.AgentMB.VB.RWGL113316 which is called ReadMe.exe and is sitting in C:\RECYCLER which again is shown as 'no action is possible'.

Hoping someone can give me some guidance

Roy

Edit: just finished and notice 8 other files also 'no action is possible' - all items quarantined well over a year ago by Norton SystemWorks, which is no longer on my system, although I still run the separate Norton GoBack. I assume they are not likely to be a problem? The 8 quarantined items are 2x Java.Troja.Expoit.Bytverify 4x Java.Trojan.Exploit.Bytverify.C and 2 x Java.Trojan.Exploit.Bytverify3.Gen

Edit2: Sorry to keep adding to this, realised something else I should mention - 26 files not scanned. All are in Documents and Settings/All Users/Application Data/Spybot - Search & Destroy/Recovery/

Edited by roy142857, 18 February 2009 - 11:34 AM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users