Thursday, July 17, 2008

Kaspersky online virus scan

Did a scan of saispace2 from the site. Java based, nice interface. Downloading the virus definitions was the largest data transfer - around 25 MB. Full machine scan took around 5 hours. Tried another scan after 24 hours and a few reboots, this time the definitions seemed to be cached, so the scanner came up almost instantly. It found c:\program files\WinDriveGurard\windriveguard.exe on the first scan, which Kaspersky identifies as Trojan.Win32.Monderc.gen. Removed it after checking if any processes were running using that exe. Found a ScanProcess.exe which respawned even when killed, but this seemed to be the Kaspersky's exe, since closing the Kaspersky window removed that process from TaskManager. Found a process running in the Acer laptop from which I transfer files to saispace2 with USB drive, so killed the process and deleted the relevant files in C: there as well as on the USB drive. On the USB drive it was System\Windriveprotect\DriveProtect.exe or something like that. The second scan of C: alone took 35 minutes and came out clean.

No comments:

Post a Comment