Jump to content











Photo
- - - - -

Got a trojan allert


  • Please log in to reply
3 replies to this topic

#1 CMS

CMS

    Newbie

  • Members
  • 12 posts
  • Location:Florida
  •  
    United States

Posted 01 June 2010 - 01:32 PM

While running Panda Cloud Anti-Virus, full system scan, I got a hit on 2 seperate instances of Trj/CI.A in win7peldr.exe.

While I find this hard to believe, I would appreciate some verification. It could certainly be something that got infected locally (on my machine).

I will re-test the files with a variety of other AV products, to see if they trigger an alert also.

If you choose to assist, please use Panda Cloud Anti-virus for an initial check, and post your results.

If you also get a positive hit, please test with other AV products and post their results.

#2 pscEx

pscEx

    Platinum Member

  • Team Reboot
  • 12707 posts
  • Location:Korschenbroich, Germany
  • Interests:What somebody else cannot do.
  •  
    European Union

Posted 01 June 2010 - 01:48 PM

There seems to be some code in win7peldr.exe causing, that sometimes some AV apps detect a virus inside it. We already have had some topics asking for that.

I personnally cannot guarantee that the app is clean, but I trust the author Joshua.

If you are in doubt, scan with http://www.virustotal.com/

The latest result I know is a 'positive' from 13/42 scanners.

Peter

#3 Nuno Brito

Nuno Brito

    Platinum Member

  • .script developer
  • 10547 posts
  • Location:boot.wim
  • Interests:I'm just a quiet simple person with a very quiet simple life living one day at a time..
  •  
    European Union

Posted 01 June 2010 - 01:59 PM

The software found here is bound to trigger a lot of reactions from AV's.

Either because it may use UPX to compress the file size to fit on the CD media as it might call services, run apps in stealth mode and so forth.

But Joshua is a very old and well known member around our community.

There was a virus on one of his pages for Win7PE rescue a while ago so I it would be nice to get in contact with him to check if his system is clean or not.

#4 Zormax

Zormax
  • Members
  • 1 posts

Posted 30 January 2011 - 07:50 AM

There seems to be some code in win7peldr.exe causing, that sometimes some AV apps detect a virus inside it. We already have had some topics asking for that.

I personnally cannot guarantee that the app is clean, but I trust the author Joshua.

If you are in doubt, scan with http://www.virustotal.com/

The latest result I know is a 'positive' from 13/42 scanners.

Peter


Use it http://upwap.ru/1277762




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users