Kaspersky 2015 & .bat Files

Status
Not open for further replies.

Tony Cole

Level 27
Thread author
Verified
May 11, 2014
1,639
Hi:

I wonder if anyone has a clue about Kaspersky finding .bat files. After a Windows update, I will find 3-5 .bat files added to the untrusted category i.e.,

C:\Windows\System32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat

Any ideas, as I'm lost??? :(

Tony :)
 

Petrovic

Level 64
Verified
Honorary Member
Top Poster
Well-known
Apr 25, 2013
5,354
C:\Windows\System32\ - there should not be a * .bat
open *.bat with notepad and sent screenshot here & check files on VT
 
H

hjlbx

Hi:

I wonder if anyone has a clue about Kaspersky finding .bat files. After a Windows update, I will find 3-5 .bat files added to the untrusted category i.e.,

C:\Windows\System32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat

Any ideas, as I'm lost??? :(

Tony :)


It's OK Tony.

Intel Graphics

@echo off regsvr32 /s igfxDH.dll regsvr32 /s igfxDI.dll regsvr32 /s igfxLHM.dll regsvr32 /s igfxCPL.cpl regsvr32 /s igfxDTCM.dll regsvr32 /s igfxOSP.dll regsvr32 /s igfxexps.dll igfxext.exe /regserver igfxTray.exe /regserver igfxHK.exe /regserver start igfxEM.exe /RegServerPerUserGfxUIEx.exe /regserver attrib +R +H +S +A *.cui start igfxEM.exe start igfxTray.exe start igfxHK.exe del/Q {F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
 

Tony Cole

Level 27
Thread author
Verified
May 11, 2014
1,639
Yes, your correct there is no *.bat just .bat - I have checked all with virus total and they are clean.
 
H

hjlbx

Yes, your correct there is no *.bat just .bat - I have checked all with virus total and they are clean.

Petrovic just used the * instead of copying the string; *.bat = {F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat

* = "wildcard" that saves someone lazy like me a lot of typing.

I know you are getting a whole lot of unknown files after the TAM scan.

I tried to find a way for you to save a log of those unknown files so you could post, but no dice.

With TAM there is no settings to exclude files from the scan.

I eliminated a bunch by closing all apps, cleaning with CheckDisk and Wise Cleaner (every single option), and then ran the TAM scan.

I have freshly installed OS with few apps, so I had 19 unknown system files which I allowed to run and then 40 unknown apps - which I also allowed to run.

Just remember, clean the system thoroughly before enabling TAM.

You're good...
 

Tony Cole

Level 27
Thread author
Verified
May 11, 2014
1,639
I had a license key for Wise 365 so I did what you said, it still found 490 items, but these were Windows 8.1 apps, Metro apps and Chromes extensions, so I allowed them, then enable TAM.
 
H

hjlbx

I had a license key for Wise 365 so I did what you said, it still found 490 items, but these were Windows 8.1 apps, Metro apps and Chromes extensions, so I allowed them, then enable TAM.

Do you have a bunch of Metro Apps that you've downloaded and installed on your system?

Same with browser plug-ins\add-ons?
 
Status
Not open for further replies.

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top