Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Antivirus Remover 2008? / Not certain?


  • This topic is locked This topic is locked
20 replies to this topic

#1 Amoire

Amoire

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:04:24 AM

Posted 31 December 2008 - 07:30 PM

Yesterday something called 'Antivirus Remover 2008' popped up onto my computer. A friend of mine had recently lost his computer to his virus, and he forwarded me to the Malwarebyte's Anti-Malware. I did the quick-scan late last night and removed everything it popped up.. and then after I got off work this evening I ran it again. It popped up some more files and while I tried to remove them it won't entirely get rid of them. They keep popping back up.


DDS (Version 1.1.0) - NTFSx86
Run by a noir lullaby at 11:11:31.71 on Thu 01/01/2009
Internet Explorer: 6.0.2900.5512
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1278.710 [GMT -6:00]

AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated)
FW: ZoneAlarm Firewall *enabled*

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs
svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Dell Support Center\bin\sprtsvc.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\PROGRA~1\SBCSEL~1\SMARTB~1\MotiveSB.exe
C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
C:\WINDOWS\system32\igfxtray.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\DellSupport\DSAgnt.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
C:\Program Files\Common Files\Logitech\khalshared\KHALMNPR.EXE
C:\Program Files\AIM6\aim6.exe
C:\Program Files\AIM6\aolsoftware.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\SYSTEM32\rundll32.exe
C:\Documents and Settings\a noir lullaby\Desktop\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://att.yahoo.com
uSearch Page = hxxp://us.rd.yahoo.com/customize/ycomp/defaults/sp/*http://www.yahoo.com
uDefault_Page_URL = hxxp://www.dell4me.com/myway
uSearch Bar = hxxp://us.rd.yahoo.com/customize/ycomp/defaults/sb/*http://www.yahoo.com/search/ie.html
mSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr7/*http://www.yahoo.com/ext/search/search.html
uInternet Connection Wizard,ShellNext = https://accountservices.passport.net/reg.sr...egXPWizCredOnly
uInternet Settings,ProxyOverride = 127.0.0.1
uSearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ycomp/defaults/su/*http://www.yahoo.com
uURLSearchHooks: Yahoo! uC: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\progra~1\yahoo!\companion\installs\cpn\yt.dll
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\progra~1\yahoo!\companion\installs\cpn\yt.dll
BHO: NoExplorer - No File
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: Skype add-on (mastermind): {22bf413b-c6d2-4d91-82a9-a0f997ba588c} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg8\avgssie.dll
BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre1.5.0_09\bin\ssv.dll
TB: Yahoo! uC: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\progra~1\yahoo!\companion\installs\cpn\yt.dll
EB: {4528BBE0-4E08-11D5-AD55-00010333D0AD} - No File
uRun: [Yahoo! Pager] "c:\program files\yahoo!\messenger\YahooMessenger.exe" -quiet
uRun: [DellSupport] "c:\program files\dellsupport\DSAgnt.exe" /startup
uRun: [Aim6]
mRun: [SunJavaUpdateSched] "c:\program files\java\jre1.5.0_09\bin\jusched.exe"
mRun: [SoundMAXPnP] c:\program files\analog devices\core\smax4pnp.exe
mRun: [Motive SmartBridge] c:\progra~1\sbcsel~1\smartb~1\MotiveSB.exe
mRun: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
mRun: [Lexmark 1200 Series] "c:\program files\lexmark 1200 series\lxczbmgr.exe"
mRun: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
mRun: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
mRun: [IntelMeM] c:\program files\intel\modem event monitor\IntelMEM.exe
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [dscactivate] "c:\program files\dell support center\gs_agent\custom\dsca.exe"
mRun: [DellSupportCenter] "c:\program files\dell support center\bin\sprtcmd.exe" /P DellSupportCenter
mRun: [AVG8_TRAY] c:\progra~1\avg\avg8\avgtray.exe
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
mRun: [ZoneAlarm Client] "c:\program files\zone labs\zonealarm\zlclient.exe"
dRun: [msiexec.exe] msiconf.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\at&tse~1.lnk - c:\program files\sbc self support tool\bin\matcli.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\logite~1.lnk - c:\program files\logitech\setpoint\SetPoint.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\nkbmon~1.lnk - c:\program files\nikon\pictureproject\NkbMonitor.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\vpro620.lnk - c:\windows\VPro620.exe
IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE}
IE: {d9288080-1baa-4bc4-9cf8-a92d743db949}
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBC} - c:\program files\java\jre1.5.0_09\bin\ssv.dll
IE: {77BF5300-1474-4EC7-9980-D32B190E9B07} - {77BF5300-1474-4EC7-9980-D32B190E9B07} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg8\avgpp.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: igfxcui - igfxsrvc.dll
AppInit_DLLs: avgrsstx.dll
LSA: Authentication Packages = msv1_0 c:\\windows\\system32\\ddcArQgD

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\anoirl~1\applic~1\mozilla\firefox\profiles\sujgyxmt.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.yahoo.com/search?fr=ffsp1&p=
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: browser.startup.homepage - hxxp://www.yahoo.com/
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=ffds1&p=
FF - component: c:\program files\avg\avg8\firefox\components\avgssff.dll
FF - plugin: c:\documents and settings\a noir lullaby\application data\mozilla\firefox\profiles\sujgyxmt.default\extensions\flashplugin@idm\platform\winnt\plugins\npidmdcp.dll
FF - plugin: c:\program files\java\jre1.5.0_09\bin\NPJava11.dll
FF - plugin: c:\program files\java\jre1.5.0_09\bin\NPJava12.dll
FF - plugin: c:\program files\java\jre1.5.0_09\bin\NPJava13.dll
FF - plugin: c:\program files\java\jre1.5.0_09\bin\NPJava14.dll
FF - plugin: c:\program files\java\jre1.5.0_09\bin\NPJava32.dll
FF - plugin: c:\program files\java\jre1.5.0_09\bin\NPJPI150_09.dll
FF - plugin: c:\program files\java\jre1.5.0_09\bin\NPOJI610.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npunagi2.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npViewpoint.dll
FF - plugin: c:\program files\viewpoint\viewpoint experience technology\npViewpoint.dll
FF - plugin: c:\program files\yahoo!\shared\npYState.dll

============= SERVICES / DRIVERS ===============

R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2008-7-7 97928]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86;c:\windows\system32\drivers\avgmfx86.sys [2008-7-7 26824]
R1 vsdatant;vsdatant;c:\windows\system32\vsdatant.sys [2008-12-31 353680]
R2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\avg\avg8\avgemc.exe [2008-7-7 875288]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\avg\avg8\avgwdsvc.exe [2008-7-7 231704]
R2 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2008-7-7 76040]
R2 Viewpoint Manager Service;Viewpoint Manager Service;"c:\program files\viewpoint\common\ViewpointService.exe" [2007-10-29 24652]
R2 vsmon;TrueVector Internet Monitor;c:\windows\system32\zonelabs\vsmon.exe -service []
R3 SPC620;Philips SPC620NC PC Camera;c:\windows\system32\drivers\SPC620.sys [2008-4-18 484352]
R3 SPC620m;Philips SPC620NC PC Cameram;c:\windows\system32\drivers\SPC620m.sys [2008-4-18 7680]
S3 AJKFL;AJKFL;c:\docume~1\jadeth~1\locals~1\temp\AJKFL.exe []
S3 AvFlt;Antivirus Filter Driver;c:\windows\system32\drivers\av5flt.sys []
S3 PCD5SRVC{B86A8B78-4A45A442-05040000};PCD5SRVC{B86A8B78-4A45A442-05040000} - PCDR Kernel Mode Service Helper Driver;\??\c:\progra~1\dellsu~3\hwdiag\bin\PCD5SRVC.pkms [2007-12-5 20640]

=============== Created Last 30 ================

2008-12-31 23:01 1,221,008 a------- c:\windows\system32\zpeng25.dll
2008-12-31 23:01 <DIR> --d----- c:\windows\system32\ZoneLabs
2008-12-31 23:01 <DIR> --d----- c:\program files\Zone Labs
2008-12-31 23:01 348,371 a------- c:\windows\system32\vsconfig.xml
2008-12-31 01:02 <DIR> --d----- c:\docume~1\anoirl~1\applic~1\Malwarebytes
2008-12-31 01:02 15,504 a------- c:\windows\system32\drivers\mbam.sys
2008-12-31 01:02 38,496 a------- c:\windows\system32\drivers\mbamswissarmy.sys
2008-12-31 01:02 <DIR> --d----- c:\program files\Malwarebytes' Anti-Malware
2008-12-31 01:02 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Malwarebytes
2008-12-30 23:55 82,944 a------- c:\windows\system32\bgl.exe

==================== Find3M ====================

2008-12-31 23:02 4,212 ac--h--- c:\windows\system32\zllictbl.dat
2008-12-12 11:01 3,067,904 -------- c:\windows\system32\dllcache\mshtml.dll
2008-10-24 05:21 455,296 -------- c:\windows\system32\dllcache\mrxsmb.sys
2008-10-23 06:36 286,720 a------- c:\windows\system32\gdi32.dll
2008-10-15 19:00 666,112 a------- c:\windows\system32\wininet.dll
2008-10-15 19:00 666,112 -------- c:\windows\system32\dllcache\wininet.dll
2008-10-15 19:00 619,520 -------- c:\windows\system32\dllcache\urlmon.dll
2008-10-15 19:00 1,499,136 -------- c:\windows\system32\dllcache\shdocvw.dll
2008-10-09 12:14 77,915 ac------ c:\windows\pchealth\helpctr\offlinecache\index.dat
2008-04-18 12:54 32 ac------ c:\docume~1\alluse~1\applic~1\ezsid.dat
2008-02-12 12:32 20 -c--h--- c:\docume~1\alluse~1\applic~1\PKP_DLec.DAT
2006-06-30 15:29 56 -c-shr-- c:\windows\system32\F7ADF7FDAE.sys
2006-06-30 15:29 1,682 ac-sh--- c:\windows\system32\KGyGaAvL.sys

============= FINISH: 11:13:31.60 ===============

Attached Files


Edited by Amoire, 01 January 2009 - 12:17 PM.


BC AdBot (Login to Remove)

 


#2 Hoov

Hoov

  • Malware Response Team
  • 3,519 posts
  • OFFLINE
  •  
  • Location:Mikado Michigan
  • Local time:04:24 AM

Posted 11 January 2009 - 12:07 PM

Howdy, my name is Hoov, and I will be helping you with your dilemma.

Please make sure you watch this thread for responses. If you click the options tab at the top of your first post, you can select to track this thread.

Here is what I am asking you to do during the repair of your computer

*Tell me everything that you have done, if anything, to try and fix this problem.

*Please only use 1 forum to help clear up your problem. Posting on more than 1 and following instructions from more than 1 forum will cause those helping you to pull out thier hair.

*Follow my instructions - If you can't for some reason, or if you don't understand something, please tell me. If you deviate from my instructions, tell me, it may make a difference on where we go. Don't install anything, even other programs that have nothing to do with security or malware, it could cause things to change, and I would never know it.

*Have faith. I will do all I can to get your computer working, and if I can't - someone else here will know something else to try.

*Stick with me to the end. My aim is to fix your problems, and give you the tools and knowledge to keep this from happening again.

Now onto trying to fix your computer. I am looking over your log, and I will be back in a bit with some instructions.
Visiting From SpywareHammer.com and DonHoover.net

Tilting at windmills hurts you more than the windmills.
-From the Notebooks of Lazarus Long
Senior of the Howard Families

Posted Image

#3 Hoov

Hoov

  • Malware Response Team
  • 3,519 posts
  • OFFLINE
  •  
  • Location:Mikado Michigan
  • Local time:04:24 AM

Posted 11 January 2009 - 12:22 PM

Do a full scan using Malwarebytes' Anti-Malware instead of a quick scan. It will take a lot longer. Please post the log up.

Also are there any other symptoms other than what the scanners are telling you? Did you install ZoneAlarm after you started having problems? In your post, there are two attach.txt files. One has ZoneAlarm listed as installed, the other doesn't.
Visiting From SpywareHammer.com and DonHoover.net

Tilting at windmills hurts you more than the windmills.
-From the Notebooks of Lazarus Long
Senior of the Howard Families

Posted Image

#4 Amoire

Amoire
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:04:24 AM

Posted 11 January 2009 - 10:20 PM

Thank you Hoov!

I'm getting ready to head out for the night, but I'll let Malwarebyte's run overnight and post the log first thing in the morning before work. I've tried a quick scan of it about a week or so back to remove everything found.. but they were still there when I gave it a second scan immediately after. I didn't get Zone Alarm until after I started having issues, and I've noticed it blocking several strange requests from names that were unfamiliar to me. When I first noticed I had a virus it was blocking this website and blanked out my desktop - both of those issues were fixed in my initial scan of Malwarebyte's. I haven't had any problems similiar to that since then but every now and then I'll hear the 'ping' windows make when a window or alert box is opened.. only to find nothing there. I thought it was gone, but I suspect that means there might be lingering traces of it. I want to do everything I can to get it completely off, of course. I've also ran Spybot S&D a couple times since this post and removed everything it has found. Thanks again Hoov, will be back in the morning with a post of my Malwarebyte's Log on a full scan!

- Amoire

#5 Amoire

Amoire
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:04:24 AM

Posted 12 January 2009 - 08:29 AM

Attached is the log from Malwarebyte's. I wasn't sure if I should remove all selected cause some of them said .sys files? Let me know what I should do.

Attached Files


Edited by Amoire, 12 January 2009 - 08:30 AM.


#6 Hoov

Hoov

  • Malware Response Team
  • 3,519 posts
  • OFFLINE
  •  
  • Location:Mikado Michigan
  • Local time:04:24 AM

Posted 12 January 2009 - 12:03 PM

Most definitely remove all selected. Unless you are involved in the taking down of malware sites, phish sites and other bad things and have bad things stored on your HD for reporting purposes. I almost never second guess a scanner that tells me I have an infected file. I get rid of it, and if necessary reinstall the software. So go ahead do the full scan again and get rid of those files. Also go to c:\windows\internet logs and attach the files with zalog.txt in them. Some may have a date smashed into it.
Visiting From SpywareHammer.com and DonHoover.net

Tilting at windmills hurts you more than the windmills.
-From the Notebooks of Lazarus Long
Senior of the Howard Families

Posted Image

#7 Amoire

Amoire
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:04:24 AM

Posted 12 January 2009 - 08:29 PM

Alright! I let Malware remove everything that it found... and...

I found the various ZA logs. You said you wanted all of them? O_o there's a lot, but I'm loading them up in this post.

And the last one I saw!

Edited by Hoov, 12 January 2009 - 10:05 PM.


#8 Amoire

Amoire
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:04:24 AM

Posted 12 January 2009 - 08:30 PM

Er.. and I missed one. It says I've used all my attachment space.

#9 Hoov

Hoov

  • Malware Response Team
  • 3,519 posts
  • OFFLINE
  •  
  • Location:Mikado Michigan
  • Local time:04:24 AM

Posted 12 January 2009 - 09:55 PM

That's alright, I just want to see if there is anything bad trying to get out.

Don't worry, I removed the attachments, they didn't need to stay up. I found out that a lot of someone's are hammering at your port 11841. Don't turn off your firewall or you are going to get invaded in seconds. And it appears that it is something new using that port.

Edited by Hoov, 12 January 2009 - 10:12 PM.

Visiting From SpywareHammer.com and DonHoover.net

Tilting at windmills hurts you more than the windmills.
-From the Notebooks of Lazarus Long
Senior of the Howard Families

Posted Image

#10 Amoire

Amoire
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:04:24 AM

Posted 12 January 2009 - 10:31 PM

Alright. Yaay for the firewall? So should I just make sure the firewall stays up 24/7 or is there anything else I should do?

#11 Hoov

Hoov

  • Malware Response Team
  • 3,519 posts
  • OFFLINE
  •  
  • Location:Mikado Michigan
  • Local time:04:24 AM

Posted 12 January 2009 - 11:22 PM

Most definitely keep the firewall going. As for what else you can do, you can send your logs into dshield.org. There really isn't anything else that you can do with it. I tried finding out what uses that port, but could find nothing.

So how is the computer running? If all the problems seem to be gone go ahead and give me another dds log. If it clean, we do a few cleanup things, and we will be done.

One thing you do need to do before you run the DDS scan again is update Java.

Please follow these steps to remove older version Java components and update.

Updating Java:
Download the latest version of Java Runtime Environment (JRE) 6.0.
Scroll down to where it says "Java SE Runtime Environment (JRE) 6 Update 11".
Click the "Download" button to the right.
UNCHECK the option to install Google Toolbar if you don't want it .
Check the box that says: "Accept License Agreement".
The page will refresh.
Click on the link to download Windows Offline Installation with or without Multi-language and save to your desktop.
Close any programs you may have running - especially your web browser.
Go to Start > Control Panel double-click on Add/Remove programs and remove all older versions of Java.
Check any item with Java Runtime Environment (JRE or J2SE) in the name.
Click the Remove or Change/Remove button.
Repeat as many times as necessary to remove each Java versions.
Reboot your computer once all Java components are removed.
Then from your desktop double-click on jre-6u11-windows-i586-p.exe to install the newest version.
[*]Note: By default a box may be checked to install a toolbar - if you do not want to install it, then be sure to opt-out by unchecking that box.
Visiting From SpywareHammer.com and DonHoover.net

Tilting at windmills hurts you more than the windmills.
-From the Notebooks of Lazarus Long
Senior of the Howard Families

Posted Image

#12 Amoire

Amoire
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:04:24 AM

Posted 14 January 2009 - 10:07 AM

Alright! Did what you said with Java, and posting the new logs for DDS. Also, I know you said don't install anything w/out giving you a heads up - the icon for windows updates popped up down in my taskbar this morning, but I haven't installed them yet. Should I?

Attached Files



#13 Hoov

Hoov

  • Malware Response Team
  • 3,519 posts
  • OFFLINE
  •  
  • Location:Mikado Michigan
  • Local time:04:24 AM

Posted 14 January 2009 - 05:49 PM

I found a few files that worry me. Have you ever installed Dr.Divx or anything else from Divx.com?

Also these I am worried about
c:\windows\system32\F7ADF7FDAE.sys
S3 AJKFL;AJKFL;c:\docume~1\jadeth~1\locals~1\temp\AJKFL.exe

Would you run them thru http://www.virustotal.com/ and post the results.

If the results from these two scans are negative, go ahead and do the update.
Visiting From SpywareHammer.com and DonHoover.net

Tilting at windmills hurts you more than the windmills.
-From the Notebooks of Lazarus Long
Senior of the Howard Families

Posted Image

#14 Amoire

Amoire
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:04:24 AM

Posted 14 January 2009 - 08:26 PM

Erm.. O_o For the Divx stuff? Not that I'm aware of - not even sure what that is. And.. in queue to get those files scanned now. Will get back to ya when they complete.

#15 Amoire

Amoire
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:04:24 AM

Posted 14 January 2009 - 08:47 PM

File F7ADF7FDAE.sys received on 01.15.2009 02:25:31 (CET)
Current status: Loading ... queued waiting scanning finished NOT FOUND STOPPED
Result: 0/39 (0%)
Loading server information...
Your file is queued in position: 1.
Estimated start time is between 38 and 55 seconds.
Do not close the window until scan is complete.
The scanner that was processing your file is stopped at this moment, we are going to wait a few seconds to try to recover your result.
If you are waiting for more than five minutes you have to resend your file.
Your file is being scanned by VirusTotal in this moment,
results will be shown as they're generated.
Compact Compact
Print results Print results
Your file has expired or does not exists.
Service is stopped in this moments, your file is waiting to be scanned (position: ) for an undefined time.

You can wait for web response (automatic reload) or type your email in the form below and click "request" so the system sends you a notification when the scan is finished.
Email:

Antivirus Version Last Update Result
a-squared 4.0.0.73 2009.01.15 -
AhnLab-V3 2009.1.15.0 2009.01.14 -
AntiVir 7.9.0.54 2009.01.14 -
Authentium 5.1.0.4 2009.01.14 -
Avast 4.8.1281.0 2009.01.14 -
AVG 8.0.0.229 2009.01.14 -
BitDefender 7.2 2009.01.15 -
CAT-QuickHeal 10.00 2009.01.14 -
ClamAV 0.94.1 2009.01.14 -
Comodo 931 2009.01.14 -
DrWeb 4.44.0.09170 2009.01.15 -
eSafe 7.0.17.0 2009.01.14 -
eTrust-Vet 31.6.6308 2009.01.15 -
F-Prot 4.4.4.56 2009.01.14 -
F-Secure 8.0.14470.0 2009.01.15 -
Fortinet 3.117.0.0 2009.01.15 -
GData 19 2009.01.15 -
Ikarus T3.1.1.45.0 2009.01.15 -
K7AntiVirus 7.10.584 2009.01.09 -
Kaspersky 7.0.0.125 2009.01.15 -
McAfee 5495 2009.01.14 -
McAfee+Artemis 5495 2009.01.14 -
Microsoft 1.4205 2009.01.15 -
NOD32 3767 2009.01.15 -
Norman 5.93.01 2009.01.13 -
nProtect 2009.1.8.0 2009.01.14 -
Panda 9.5.1.2 2009.01.14 -
PCTools 4.4.2.0 2009.01.14 -
Prevx1 V2 2009.01.15 -
Rising 21.12.22.00 2009.01.14 -
SecureWeb-Gateway 6.7.6 2009.01.14 -
Sophos 4.37.0 2009.01.15 -
Sunbelt 3.2.1831.2 2009.01.09 -
Symantec 10 2009.01.15 -
TheHacker 6.3.1.4.220 2009.01.14 -
TrendMicro 8.700.0.1004 2009.01.14 -
VBA32 3.12.8.10 2009.01.14 -
ViRobot 2009.1.14.1559 2009.01.14 -
VirusBuster 4.5.11.0 2009.01.14 -
Additional information
File size: 56 bytes
MD5...: dcaa75ba092b13b27a0e6c3af759dce5
SHA1..: b6e5e5abab389136e404b15f11f99887c682dfbc
SHA256: f3bf2baa56ae6bd35f28b49cbdc1fd2e01f75de6bb139fd6354df33a79d8dca5
SHA512: ae9c08d0ff9b8b0c4e27b95afeaa18451c984c8e266efb7fda175af6dc0fb877
b2bc2472641d03cac31b1496d69fa8840161a536aedaa5db7c73cc42b99bec3b
ssdeep: 3:/lbalVFrSn:5aFrSn
PEiD..: -
TrID..: File type identification
MS Flight Simulator Aircraft Performance Info (100.0%)
PEInfo: -

This is the first one.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users