Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Sintfnt.dll


  • Please log in to reply
5 replies to this topic

#1 helplalaman1

helplalaman1

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Local time:07:50 AM

Posted 28 June 2008 - 10:25 PM

Only my AVG found this as a threat, its called sintfnt.dll , and when I do SUPERAntiSpyware nothing shows up, same for Spybot S&D, AntiMalware, Windows Defender.

This threat is only found when scanning, or when I try opening GTA, I've read about it from other forums and other people get the same thing for games such as World of Warcraft, so I guess this "thing" revolves around games. Is it an actual threat? How can I remove it (I press heal on AVG, doesnt work), or if its not a threat and just a mistake by AVG, should i just turn off AVG when I want to play video games on my computer?

BC AdBot (Login to Remove)

 


#2 Richard Fu

Richard Fu

  • Members
  • 135 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:50 AM

Posted 28 June 2008 - 11:03 PM

Scan that file with Virustotal then post us the log.(Copy the table with the anti virus names...)
Link

#3 helplalaman1

helplalaman1
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Local time:07:50 AM

Posted 29 June 2008 - 03:26 PM

K, first off thanks for helping, and heres the log for SIntf32.dll:


Antivirus Version Last Update Result
AhnLab-V3 2008.6.27.1 2008.06.29 -
AntiVir 7.8.0.59 2008.06.29 -
Authentium 5.1.0.4 2008.06.29 -
Avast 4.8.1195.0 2008.06.28 -
AVG 7.5.0.516 2008.06.29 -
BitDefender 7.2 2008.06.29 -
CAT-QuickHeal 9.50 2008.06.28 -
ClamAV 0.93.1 2008.06.29 -
DrWeb 4.44.0.09170 2008.06.29 -
eSafe 7.0.17.0 2008.06.29 Suspicious File
eTrust-Vet 31.6.5911 2008.06.27 -
Ewido 4.0 2008.06.27 -
F-Prot 4.4.4.56 2008.06.29 -
F-Secure 7.60.13501.0 2008.06.26 -
Fortinet 3.14.0.0 2008.06.29 -
GData 2.0.7306.1023 2008.06.29 -
Ikarus T3.1.1.26.0 2008.06.29 -
Kaspersky 7.0.0.125 2008.06.29 -
McAfee 5327 2008.06.27 -
Microsoft 1.3704 2008.06.29 -
NOD32v2 3225 2008.06.29 -
Norman 5.80.02 2008.06.27 -
Panda 9.0.0.4 2008.06.29 -
Prevx1 V2 2008.06.29 -
Rising 20.50.62.00 2008.06.29 -
Sophos 4.30.0 2008.06.29 -
Sunbelt 3.0.1176.1 2008.06.26 -
Symantec 10 2008.06.29 -
TheHacker 6.2.96.364 2008.06.28 -
TrendMicro 8.700.0.1004 2008.06.27 PAK_Generic.001
VBA32 3.12.6.8 2008.06.29 -
VirusBuster 4.5.11.0 2008.06.23 -
Webwasher-Gateway 6.6.2 2008.06.29 Win32.Malware.gen#Petite!84 (suspicious)
Additional information
File size: 19924 bytes
MD5...: 36058fd9c9713188411f783dcc0ac500
SHA1..: bd8bdb14fdb1dd0db2923fa976877adb068985d4
SHA256: 8235210697c3e035683d3e4a9244680faa8a523b2dcd32b729c709828c39534d
SHA512: a0fe80187485cb5186badfe66d073b694704a613a0a8b994f317847c21d6fb11
6191ee025cfa70654d5fb624b9dfb7ad5f79ebad665801ab067682f1bf8bfd12
PEiD..: Petite v2.1 (2)
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x3000a10b
timedatestamp.....: 0x3e6c5fe8 (Mon Mar 10 09:50:32 2003)
machinetype.......: 0x14c (I386)

( 3 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x9000 0x2fd4 7.98 426c64404e1d01207af2a054bf5434e1
.petite 0xa000 0x184c 0x1a00 6.21 1ca90a9b29214cd5a952cea18f3c289a
0xc000 0x1000 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e

( 2 imports )
> KERNEL32.dll: ExitProcess, LoadLibraryA, GetProcAddress, GlobalAlloc
> user32.dll: MessageBoxA, wsprintfA

( 15 exports )
ADI32, ATI32, C32, FGDM32, GCDL32, GDS32, GFP32, GGDM32, GNOCD32, LD32, LOH32, RLOS32, STS32, TC32, thk_ThunkData32

packers (Kaspersky): Petite
packers (F-Prot): Petite



I also had a different file in the same folder, called SIntf16.dll, heres the log for it:


Antivirus Version Last Update Result
AhnLab-V3 2008.6.27.1 2008.06.29 -
AntiVir 7.8.0.59 2008.06.29 -
Authentium 5.1.0.4 2008.06.29 -
Avast 4.8.1195.0 2008.06.28 -
AVG 7.5.0.516 2008.06.29 -
BitDefender 7.2 2008.06.29 -
CAT-QuickHeal 9.50 2008.06.28 -
ClamAV 0.93.1 2008.06.29 -
DrWeb 4.44.0.09170 2008.06.29 -
eSafe 7.0.17.0 2008.06.29 -
eTrust-Vet 31.6.5911 2008.06.27 -
Ewido 4.0 2008.06.27 -
F-Prot 4.4.4.56 2008.06.29 -
F-Secure 7.60.13501.0 2008.06.26 -
Fortinet 3.14.0.0 2008.06.29 -
GData 2.0.7306.1023 2008.06.29 -
Ikarus T3.1.1.26.0 2008.06.29 -
Kaspersky 7.0.0.125 2008.06.29 -
McAfee 5327 2008.06.27 -
Microsoft 1.3704 2008.06.29 -
NOD32v2 3225 2008.06.29 -
Norman 5.80.02 2008.06.27 -
Panda 9.0.0.4 2008.06.29 -
Prevx1 V2 2008.06.29 -
Rising 20.50.62.00 2008.06.29 -
Sophos 4.30.0 2008.06.29 -
Sunbelt 3.0.1176.1 2008.06.26 -
Symantec 10 2008.06.29 -
TheHacker 6.2.96.364 2008.06.28 -
TrendMicro 8.700.0.1004 2008.06.27 -
VBA32 3.12.6.8 2008.06.29 -
VirusBuster 4.5.11.0 2008.06.23 -
Webwasher-Gateway 6.6.2 2008.06.29 -
Additional information
File size: 12067 bytes
MD5...: c72263a0b16b36e0b4bd2fd442fffd54
SHA1..: eeefb634c1077a4dccaa99f3db6ed3d935650110
SHA256: d263e730a51fe2f103fd592ab3489c8c10ecbc66b951a5e8bde7bf4f79c75c45
SHA512: 61ed743f75ab790cacc14eee62456a0d081d7adf252c3b18149ef4f74dade63c
39d33da1a7cc23dc19a169e29decd41365e67df208037fd89307fd489f3ec7ec
PEiD..: -
PEInfo: -
packers (Kaspersky): PkLite


But for the file called SIntfNT.dll in the same folder, If id send it a blank page with "0 bytes size received / Se ha recibido un archivo vacio " comes up.




The folder with these 3 things is found in the "temp" section, which is in my "local settings" section, which is in my "documents & settings" folder, which is in my C drive.

#4 Richard Fu

Richard Fu

  • Members
  • 135 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:50 AM

Posted 29 June 2008 - 03:36 PM

It looks like a false positive.

#5 helplalaman1

helplalaman1
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Local time:07:50 AM

Posted 29 June 2008 - 07:42 PM

Sorry I'm not too good at this. What is a false positive? And if that means its not doing anything, how do I open GTA, because when I double click it AVG asks me if I want to heal/ignore, when I press either one then the game doesnt load. If I press the game again AVG pops up again. If I disable AVG the game does not load at all when I click it.

#6 Richard Fu

Richard Fu

  • Members
  • 135 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:50 AM

Posted 29 June 2008 - 07:57 PM

A false positive is when an anti virus/anti spyware program tells you that you have a virus, but you don't.
Look here on stopping AVG.
For 8.0
For 7.5

Edited by Richard Fu, 29 June 2008 - 11:31 PM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users