Download TrojanHunter Now
Free 30-day trial!
Latest TrojanHunter Version:
TrojanHunter 5.0
Order Now
License file delivered within minutes.
Welcome, Guest. Please Login or Register.
Jul 4th, 2008, 3:06pm
   Mischel Internet Security Forum
   Malware
   Trojans (Moderators: Helena, Gavin_Coe, Magnus)
   Boqr.100		 « Previous topic | Next topic »
Pages: 1  Reply Reply  Notify of replies Notify of replies   Send Topic Send Topic   Print Print
   Author  Topic: Boqr.100  (Read 477 times)
Marianna
Newbie
*






   


Gender: female
 Posts: 4
Boqr.100
« on: Mar 1st, 2008, 5:36pm »		 Quote Quote  Modify Modify
Only to let you know,
 
I assume, this is a FALSE POSITIVE. The file belongs to my printer EPSON STYLUS Photo RX500.
 
 
Found trojan file: C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP1917\A01258 02.EXE (Boqr.100)
Found trojan file: C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP1917\A01258 03.EXE (Boqr.100)
Found trojan file: C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\W32X86\3\E_S4I2K1.EXE (Boqr.100)
Found trojan file: C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\W32X86\epsonstylus_photo_rx9dc8\E_S4I2 K1.EXE (Boqr.100)
 
 
 
I had put the files in quarantine and the printer didn't work anymore. I just scanned the exe at Virus Total and nothing was found:
 
File E_S4I2K1.EXE received on 03.02.2008 00:21:06 (CET)
Current status: Loading ... queued waiting scanning finished NOT FOUND STOPPED  
 
 
Result: 0/32 (0%)
 
Antivirus Version Last Update Result  
AhnLab-V3 2008.2.29.1 2008.02.29 -  
AntiVir 7.6.0.73 2008.02.29 -  
Authentium 4.93.8 2008.03.01 -  
Avast 4.7.1098.0 2008.03.01 -  
AVG 7.5.0.516 2008.03.01 -  
BitDefender 7.2 2008.03.01 -  
CAT-QuickHeal 9.50 2008.03.01 -  
ClamAV 0.92.1 2008.03.01 -  
DrWeb 4.44.0.09170 2008.03.01 -  
eSafe 7.0.15.0 2008.02.28 -  
eTrust-Vet 31.3.5574 2008.02.29 -  
Ewido 4.0 2008.03.01 -  
FileAdvisor 1 2008.03.02 -  
Fortinet 3.14.0.0 2008.03.01 -  
F-Prot 4.4.2.54 2008.03.01 -  
F-Secure 6.70.13260.0 2008.03.01 -  
Ikarus T3.1.1.20 2008.03.01 -  
Kaspersky 7.0.0.125 2008.03.01 -  
McAfee 5242 2008.02.29 -  
Microsoft 1.3301 2008.03.01 -  
NOD32v2 2913 2008.03.01 -  
Norman 5.80.02 2008.02.29 -  
Panda 9.0.0.4 2008.03.01 -  
Prevx1 V2 2008.03.02 -  
Rising 20.33.52.00 2008.03.01 -  
Sophos 4.27.0 2008.03.01 -  
Sunbelt 3.0.906.0 2008.02.28 -  
Symantec 10 2008.03.01 -  
TheHacker 6.2.9.230 2008.03.01 -  
VBA32 3.12.6.2 2008.02.27 -  
VirusBuster 4.3.26:9 2008.02.29 -  
Webwasher-Gateway 6.6.2 2008.03.01 -  
Additional information  
File size: 99840 bytes  
MD5: 6f26876cafeb3b2e30c41b9c3de58734  
SHA1: f1fc88eecf1dbf24dca35acd9375312b5eb6994b  
PEiD: InstallShield 2000  
 
 
 Thanks.
IP Logged
"The important thing is never to stop asking questions."
Albert Einstein (1879-1955); physicist and mathematician.

Microsoft MVP - Windows Security
siliconman01
Global Moderator
*****



Trojans! Chew 'em Up, Spit 'em Out...

   


Gender: male
 Posts: 5462
Re: Boqr.100
« Reply #1 on: Mar 2nd, 2008, 12:39am »		 Quote Quote  Modify Modify
It most definitely appears to be a false positive.  Would you please submit E_S4I2 K1.EXE to Mischel Internet Security so that Gavin/Magnus can correct the rule.  The link below describes how to submit.  
 
http://www.misec.net/forum/board/FAQ/1139308293
 
I'll email Gavin that the false positive exists.
IP Logged
______
TrojanHunter V5.0.962...No. 1 AT in my Book and on my Box!
Marianna
Newbie
*






   


Gender: female
 Posts: 4
Re: Boqr.100
« Reply #2 on: Mar 2nd, 2008, 12:49am »		 Quote Quote  Modify Modify

Thanks  Cheesy
 
Yes, will zip the file and submit it.
IP Logged
"The important thing is never to stop asking questions."
Albert Einstein (1879-1955); physicist and mathematician.

Microsoft MVP - Windows Security
Pages: 1  Reply Reply  Notify of replies Notify of replies   Send Topic Send Topic   Print Print

« Previous topic | Next topic »
Search
Members
Login
Register