dellhell
January 16th, 2008, 11:10 PM
Yesterday, I installed the trial version of TrojanHunter and ran it. It found my trial version of Kaspersky Internet Security 7 and WinRAR and HP printer softwares had installed trojans on my computer. It can either delete immediately or delete at reboot the trojans from WinRAR and HP, but it cannot do either to the trojans from Kaspersky. I remove the Trojan Hunter today and re-download, re-install a fresh copy. But I cannot find that Kaspersky trojan anymore, though TrojanHunter couldn't do any harm to it yesterday.
Are the commercial security software vendors installing trojans for their convenience on customers computer?
The Trojan Hunter log file of yesterday is as below---
TrojanHunter Scan Report - Saved 2008-01-15 22:15
Found trojan file: C:\Compression and Decompression\WinRAR\Default.SFX (Generic.RarDrop.B)
Found trojan file: C:\Compression and Decompression\WinRAR\Zip.SFX (Generic.RarDrop.B)
Found trojan file: C:\Compression and Decompression\wrar351.exe/Default.SFX (Generic.RarDrop.B)
Found trojan file: C:\Compression and Decompression\wrar351.exe/Zip.SFX (Generic.RarDrop.B)
Found trojan file: C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP7\PdmHist\f94.8AF5C3DA01C857F1.history\00000221.bak (Generic.RarDrop.B)
Found trojan file: C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP7\PdmHist\f94.8AF5C3DA01C857F1.history\00000223.bak (Generic.RarDrop.B)
Found trojan file: C:\Program Files\HP\Digital Imaging\{E5A8DDAB-AE80-48C6-A75B-D0FAB83B299D}\setup\hpocpd01.exe (TrojanClicker.Small.223)
Error: Error while pre-processing C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP21F.tmp\mscorlib.dll: Access violation at address 004DA45F in module 'TrojanHunter.exe'. Read of address 0689600C
Error: Error while pre-processing C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP21F.tmp\mscorlib.dll: Access violation at address 004DA45F in module 'TrojanHunter.exe'. Read of address 0689600C
Quarantined file C:\Compression and Decompression\WinRAR\Default.SFX
Quarantined file C:\Compression and Decompression\WinRAR\Zip.SFX
Quarantined file C:\Compression and Decompression\wrar351.exe
Unable to quarantine file C:\Compression and Decompression\wrar351.exe: Scheduling file to be quarantined when computer is restarted
Unable to quarantine file C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP7\PdmHist\f94.8AF5C3DA01C857F1.history\00000221.bak: Scheduling file to be quarantined when computer is restarted
Failed to add quarantine-on-reboot entry for C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP7\PdmHist\f94.8AF5C3DA01C857F1.history\00000221.bak
Unable to quarantine file C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP7\PdmHist\f94.8AF5C3DA01C857F1.history\00000223.bak: Scheduling file to be quarantined when computer is restarted
Failed to add quarantine-on-reboot entry for C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP7\PdmHist\f94.8AF5C3DA01C857F1.history\00000223.bak
Quarantined file C:\Program Files\HP\Digital Imaging\{E5A8DDAB-AE80-48C6-A75B-D0FAB83B299D}\setup\hpocpd01.exe
Dellhell
Are the commercial security software vendors installing trojans for their convenience on customers computer?
The Trojan Hunter log file of yesterday is as below---
TrojanHunter Scan Report - Saved 2008-01-15 22:15
Found trojan file: C:\Compression and Decompression\WinRAR\Default.SFX (Generic.RarDrop.B)
Found trojan file: C:\Compression and Decompression\WinRAR\Zip.SFX (Generic.RarDrop.B)
Found trojan file: C:\Compression and Decompression\wrar351.exe/Default.SFX (Generic.RarDrop.B)
Found trojan file: C:\Compression and Decompression\wrar351.exe/Zip.SFX (Generic.RarDrop.B)
Found trojan file: C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP7\PdmHist\f94.8AF5C3DA01C857F1.history\00000221.bak (Generic.RarDrop.B)
Found trojan file: C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP7\PdmHist\f94.8AF5C3DA01C857F1.history\00000223.bak (Generic.RarDrop.B)
Found trojan file: C:\Program Files\HP\Digital Imaging\{E5A8DDAB-AE80-48C6-A75B-D0FAB83B299D}\setup\hpocpd01.exe (TrojanClicker.Small.223)
Error: Error while pre-processing C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP21F.tmp\mscorlib.dll: Access violation at address 004DA45F in module 'TrojanHunter.exe'. Read of address 0689600C
Error: Error while pre-processing C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP21F.tmp\mscorlib.dll: Access violation at address 004DA45F in module 'TrojanHunter.exe'. Read of address 0689600C
Quarantined file C:\Compression and Decompression\WinRAR\Default.SFX
Quarantined file C:\Compression and Decompression\WinRAR\Zip.SFX
Quarantined file C:\Compression and Decompression\wrar351.exe
Unable to quarantine file C:\Compression and Decompression\wrar351.exe: Scheduling file to be quarantined when computer is restarted
Unable to quarantine file C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP7\PdmHist\f94.8AF5C3DA01C857F1.history\00000221.bak: Scheduling file to be quarantined when computer is restarted
Failed to add quarantine-on-reboot entry for C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP7\PdmHist\f94.8AF5C3DA01C857F1.history\00000221.bak
Unable to quarantine file C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP7\PdmHist\f94.8AF5C3DA01C857F1.history\00000223.bak: Scheduling file to be quarantined when computer is restarted
Failed to add quarantine-on-reboot entry for C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP7\PdmHist\f94.8AF5C3DA01C857F1.history\00000223.bak
Quarantined file C:\Program Files\HP\Digital Imaging\{E5A8DDAB-AE80-48C6-A75B-D0FAB83B299D}\setup\hpocpd01.exe
Dellhell