07-07-2008, 06:05 PM   #5
noofy57


Re: Here is my Deckard log. Please help!

Hi Chemist. I followed your instructions again, but was unable to access the Kaspersky Online Scanner. I got a message that said the Internet server or proxy server couldn't be located. Do you have another way for me to run this scan? Meanwhile, I've pasted the Virus Totals and the ComboFix.txt file below. I'll run the HijackThis log after I am able to run the Kaspersky scan.

By the way, the zip file you asked about is for MS PhotoDraw V2.

Thanks.


ComboFix 08-07-05.1 - Mona 2008-07-07 14:38:44.2 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.208 [GMT -7:00]
Running from: C:\Documents and Settings\Mona\Desktop\ComboFix.exe
Command switches used :: C:\Documents and Settings\Mona\Desktop\CFScript.txt
* Created a new restore point

FILE ::
File::
C:\WINDOWS\system32\hxdyoeci.ini
C:\WINDOWS\system32\hxdyoeci.tmp
C:\Documents and Settings\Mona\services.exe
C:\WINDOWS\BMe76f1f9f.xml
C:\WINDOWS\Tasks\RegistrySmart Scheduled Scan.job

Registry::
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{66b570a4-a49f-11d9-a398-00e04cd2fd95}]

Folder::
C:\Documents and Settings\All Users\Application Data\Avg8
C:\Documents and Settings\All Users\Application Data\Viewpoint
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\WINDOWS\BMe76f1f9f.xml

.
((((((((((((((((((((((((( Files Created from 2008-06-07 to 2008-07-07 )))))))))))))))))))))))))))))))
.

2008-07-05 21:24 . 2008-07-05 21:24 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Avg8
2008-06-30 21:57 . 2008-06-30 21:57 <DIR> d-------- C:\Deckard
2008-06-30 20:30 . 2008-06-30 20:30 <DIR> d-------- C:\Program Files\Trend Micro
2008-06-30 20:29 . 2008-06-30 20:30 812,344 --a------ C:\Program Files\HJTInstall.exe
2008-06-28 11:20 . 2008-06-28 11:21 15,070,104 --a------ C:\Program Files\SpySweeperRegSetup_EN.exe
2008-06-20 22:48 . 2008-06-30 11:16 <DIR> d-------- C:\Documents and Settings\Mona\Application Data\RegistrySmart
2008-06-19 07:01 . 2008-06-18 18:36 294 --ahs---- C:\WINDOWS\system32\hxdyoeci.ini
2008-06-18 18:54 . 2008-06-30 03:00 1,917 --a------ C:\WINDOWS\imsins.BAK
2008-06-18 18:36 . 2008-06-18 18:36 74 --ahs---- C:\WINDOWS\system32\hxdyoeci.tmp
2008-06-18 15:20 . 2008-06-18 15:20 <DIR> d-------- C:\Program Files\Lavasoft
2008-06-18 15:20 . 2008-06-18 15:25 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-06-18 15:19 . 2008-06-18 15:19 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-06-18 14:19 . 2008-06-18 14:19 <DIR> d-------- C:\Documents and Settings\LocalService\Application Data\Webroot
2008-06-18 14:19 . 2008-01-04 20:34 163,696 --a------ C:\WINDOWS\system32\drivers\ssidrv.sys
2008-06-18 14:19 . 2008-01-04 20:34 23,920 --a------ C:\WINDOWS\system32\drivers\sskbfd.sys
2008-06-18 14:19 . 2008-01-04 20:34 21,872 --a------ C:\WINDOWS\system32\drivers\sshrmd.sys
2008-06-18 14:19 . 2008-01-04 20:34 20,336 --a------ C:\WINDOWS\system32\drivers\SSFS0BB9.sys
2008-06-18 14:18 . 2008-06-18 14:18 <DIR> d-------- C:\Program Files\Webroot
2008-06-18 14:18 . 2008-06-18 14:18 <DIR> d-------- C:\Documents and Settings\Mona\Application Data\Webroot
2008-06-18 14:18 . 2008-06-18 14:18 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Webroot
2008-06-18 14:18 . 2008-01-04 20:56 1,526,640 --a------ C:\WINDOWS\WRSetup.dll
2008-06-18 14:17 . 2008-06-28 11:22 164 --a------ C:\install.dat
2008-06-16 16:23 . 2008-06-16 16:23 1,657,164 --ahs---- C:\WINDOWS\system32\mbmjgaep.tmp
2008-06-16 11:23 . 2008-07-04 01:57 <DIR> d-------- C:\Program Files\Spyware Doctor
2008-06-16 11:23 . 2008-06-16 11:23 <DIR> d-------- C:\Documents and Settings\Mona\Application Data\PC Tools
2008-06-16 11:23 . 2007-12-10 13:53 81,288 --a------ C:\WINDOWS\system32\drivers\iksyssec.sys
2008-06-16 11:23 . 2007-12-10 13:53 66,952 --a------ C:\WINDOWS\system32\drivers\iksysflt.sys
2008-06-16 11:23 . 2008-02-01 11:55 42,376 --a------ C:\WINDOWS\system32\drivers\ikfilesec.sys
2008-06-16 11:23 . 2007-12-10 13:53 29,576 --a------ C:\WINDOWS\system32\drivers\kcom.sys
2008-06-14 22:08 . 2008-06-18 08:32 128 --a------ C:\Documents and Settings\Mona\services.exe
2008-06-10 15:56 . 2008-06-13 06:10 272,128 -----c--- C:\WINDOWS\system32\dllcache\bthport.sys

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-07-07 21:37 --------- d-----w C:\Program Files\Common Files\Symantec Shared
2008-07-07 05:14 --------- d-----w C:\Documents and Settings\All Users\Application Data\Google Updater
2008-07-06 05:05 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
2008-07-06 04:36 --------- d-----w C:\Documents and Settings\All Users\Application Data\Viewpoint
2008-07-01 05:35 --------- d-----w C:\Program Files\Norton 360
2008-06-30 09:46 --------- d-----w C:\Program Files\Bonjour
2008-06-19 01:55 --------- d-----w C:\Program Files\Spybot - Search & Destroy
2008-06-17 18:58 --------- d-----w C:\Program Files\MySpace
2008-06-17 17:39 --------- d-----w C:\Program Files\Ahead
2008-06-16 17:48 --------- d-----w C:\Program Files\STOPzilla!
2008-06-16 17:43 --------- d-----w C:\Program Files\Microsoft Silverlight
2008-06-16 17:36 --------- d-----w C:\Documents and Settings\All Users\Application Data\STOPzilla!
2008-06-15 06:07 --------- d-----w C:\Program Files\Windows Live
2008-06-15 06:06 --------- d-----w C:\Program Files\Musicmatch
2008-06-15 05:58 --------- d-----w C:\Program Files\Common Files\Adobe
2008-06-14 07:02 --------- d-----w C:\Documents and Settings\Mona\Application Data\LimeWire
2008-06-13 13:10 272,128 ----a-w C:\WINDOWS\system32\drivers\bthport.sys
2008-05-29 02:13 --------- d-----w C:\Documents and Settings\Mona\Application Data\Windows Live Writer
2008-05-26 02:16 --------- d-----w C:\Program Files\Microsoft SQL Server Compact Edition
2008-05-26 02:14 --------- d-----w C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-05-26 02:12 2,400,784 ----a-w C:\Program Files\WLinstaller.exe
2008-05-16 18:58 12,632 ----a-w C:\WINDOWS\system32\lsdelete.exe
2008-05-08 12:28 202,752 ----a-w C:\WINDOWS\system32\drivers\rmcast.sys
2008-05-07 05:18 1,287,680 ----a-w C:\WINDOWS\system32\quartz.dll
2008-05-03 22:48 924,392 -c--a-w C:\Program Files\setup.exe
2008-04-26 18:23 348,160 ----a-w C:\WINDOWS\system32\msvcr71.dll
2008-04-23 04:16 826,368 ----a-w C:\WINDOWS\system32\wininet.dll
2008-04-22 23:51 60,800 ----a-w C:\WINDOWS\system32\S32EVNT1.DLL
2008-03-18 03:10 9,525,462 -c--a-w C:\Program Files\aep292.exe
2008-03-11 23:13 199,021,300 -c--a-w C:\Program Files\25dc4d236d00087cde56a67fd0657387d03cd67a7d4.zip
2008-03-11 02:08 606,168 -c--a-w C:\Program Files\AmazonMP3Installer.exe
2007-02-03 00:07 722,176 ----a-w C:\Documents and Settings\Mona\gotomypc_428.exe
2006-09-09 01:51 563,712 ----a-w C:\Documents and Settings\Mona\gotomypc_370.exe
2006-03-14 05:38 563,712 ----a-w C:\Documents and Settings\Mona\370_gotomypc.exe
2005-08-18 04:11 8,192 -csha-w C:\Program Files\Thumbs.db
2004-09-24 18:23 204 -c--a-w C:\Program Files\princess.gif
2004-09-24 18:23 201 -c--a-w C:\Program Files\prince.gif
2004-09-24 18:23 1,458 -c--a-w C:\Program Files\reggie1_emoticon.bmp
2004-09-24 08:01 3,603,880 -c--a-w C:\Program Files\ssfsetup648_1761519317.exe
2004-09-04 03:23 462,919 ----a-w C:\Documents and Settings\Mona\gotomypc.exe
.

((((((((((((((((((((((((((((( snapshot@2008-07-05_22.39.47.56 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-07-06 05:33:47 2,048 --s-a-w C:\WINDOWS\bootstat.dat
+ 2008-07-07 15:53:56 2,048 --s-a-w C:\WINDOWS\bootstat.dat
- 2008-04-14 11:01:02 272,128 ------w C:\WINDOWS\Driver Cache\i386\bthport.sys
+ 2008-06-13 13:10:50 272,128 ------w C:\WINDOWS\Driver Cache\i386\bthport.sys
+ 2008-07-07 15:54:02 16,384 ----atw C:\WINDOWS\Temp\Perflib_Perfdata_184.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\OverlayExcluded]
@="{4433A54A-1AC8-432F-90FC-85F045CF383C}"
[HKEY_CLASSES_ROOT\CLSID\{4433A54A-1AC8-432F-90FC-85F045CF383C}]
2008-02-26 01:34 576352 --a------ C:\Program Files\Common Files\Symantec Shared\Backup\buShell.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\OverlayPending]
@="{F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225}"
[HKEY_CLASSES_ROOT\CLSID\{F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225}]
2008-02-26 01:34 576352 --a------ C:\Program Files\Common Files\Symantec Shared\Backup\buShell.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\OverlayProtected]
@="{476D0EA3-80F9-48B5-B70B-05E677C9C148}"
[HKEY_CLASSES_ROOT\CLSID\{476D0EA3-80F9-48B5-B70B-05E677C9C148}]
2008-02-26 01:34 576352 --a------ C:\Program Files\Common Files\Symantec Shared\Backup\buShell.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvMediaCenter"="C:\WINDOWS\System32\NVMCTRAY.DLL" [2003-10-06 14:16 49152]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 00:56 15360]
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2006-10-18 21:05 204288]
"AdobeUpdater"="C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe" [2007-03-01 11:37 2321600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\System32\NvCpl.dll" [2003-10-06 14:16 5058560]
"NvMixerTray"="C:\Program Files\NVIDIA Corporation\NvMixer\NvMixerTray.exe" [2004-03-03 14:30 131072]
"Lexmark X6100 Series"="C:\Program Files\Lexmark X6100 Series\lxbfbmgr.exe" [2003-05-16 03:10 57344]
"Google Desktop Search"="C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" [2008-02-14 16:40 1836544]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 23:16 39792]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 04:25 144784]
"PC Pitstop Optimize Scheduler"="C:\Program Files\PCPitstop\Optimize\PCPOptimize.exe" [2008-03-26 17:40 2577120]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-02-19 13:10 267048]
"ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [2008-02-18 12:37 51048]
"osCheck"="C:\Program Files\Norton 360\osCheck.exe" [2008-02-26 07:50 988512]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2008-02-01 00:13 385024]
"nwiz"="nwiz.exe" [2003-10-06 14:16 741376 C:\WINDOWS\system32\nwiz.exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Picasa Media Detector"="C:\Program Files\Picasa2\PicasaMediaDetector.exe" [2008-02-25 18:23 443968]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE [2000-01-21 01:15:54 65588]
WG111v2 Smart Wizard Wireless Setting.lnk - C:\Program Files\NETGEAR\WG111v2 Configuration Utility\RtlWake.exe [2007-09-13 14:50:44 745472]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=C:\PROGRA~1\Google\GOOGLE~4\GOEC62~1.DLL

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UpdatesDisableNotify"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"C:\\Program Files\\Internet Explorer\\iexplore.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=

R1 BS_I2cIo;BS_I2cIo;C:\WINDOWS\System32\drivers\BS_I2cIo.sys [2003-11-20 16:04]
R2 EAPPkt;Realtek EAPPkt Protocol;C:\WINDOWS\system32\DRIVERS\EAPPkt.sys [2005-04-01 11:43]
R3 RTLWUSB;NETGEAR WG111v2 54Mbps Wireless USB 2.0 Adapter NT Driver;C:\WINDOWS\system32\DRIVERS\wg111v2.sys [2006-03-27 17:53]
S2 ousbehci;NEC PCI to USB Enhanced Host Controller;C:\WINDOWS\system32\Drivers\ousbehci.sys [2003-06-01 14:10]
S3 COH_Mon;COH_Mon;C:\WINDOWS\system32\Drivers\COH_Mon.sys [2008-03-06 21:32]
S3 ousb2hub;OrangeWare USB 2.0 Root Hub Support;C:\WINDOWS\system32\DRIVERS\ousb2hub.sys [2003-06-01 14:10]
S3 SjyPkt;SjyPkt;C:\WINDOWS\System32\Drivers\SjyPkt.sys [2002-10-02 08:57]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{66b570a4-a49f-11d9-a398-00e04cd2fd95}]
\Shell\Auto\command - D:\Start.exe
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Start.exe

*Newly Created Service* - CATCHME
*Newly Created Service* - COMHOST
.
Contents of the 'Scheduled Tasks' folder
"2008-07-04 01:10:00 C:\WINDOWS\Tasks\Ad-Aware SE Personal.job"
- C:\PROGRA~1\Lavasoft\AD-AWA~1\Ad-Aware.exe
"2008-06-28 19:00:07 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
"2008-06-30 10:30:10 C:\WINDOWS\Tasks\RegistrySmart Scheduled Scan.job"
- C:\Program Files\RegistrySmart\RegistrySmart.ex
- C:\Program Files\RegistrySmart
"2008-06-14 01:12:00 C:\WINDOWS\Tasks\Spybot - Search & Destroy.job"
- C:\PROGRA~1\SPYBOT~1\SpybotSD.exe
"2008-06-30 09:00:09 C:\WINDOWS\Tasks\wrSpySweeperTrialSweep.job"
- C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe&/ScheduleSweep=wrSpySweeperTrialSweep
- C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.ex
- A:\
.
**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-07-07 14:42:14
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2008-07-07 14:44:16
ComboFix-quarantined-files.txt 2008-07-07 21:43:51
ComboFix2.txt 2008-07-06 05:40:27

Pre-Run: 52,308,086,784 bytes free
Post-Run: 52,362,674,176 bytes free

201 --- E O F --- 2008-07-07 04:19:35


File imsins.BAK received on 07.07.2008 23:21:33 (CET)
Current status: finished
Result: 0/33 (0%)

Antivirus Version Last Update Result
AhnLab-V3 2008.7.4.1 2008.07.07 -
AntiVir 7.8.0.64 2008.07.07 -
Authentium 5.1.0.4 2008.07.06 -
Avast 4.8.1195.0 2008.07.07 -
AVG 7.5.0.516 2008.07.07 -
BitDefender 7.2 2008.07.07 -
CAT-QuickHeal 9.50 2008.07.07 -
ClamAV 0.93.1 2008.07.07 -
DrWeb 4.44.0.09170 2008.07.07 -
eSafe 7.0.17.0 2008.07.07 -
eTrust-Vet 31.6.5934 2008.07.07 -
Ewido 4.0 2008.07.07 -
F-Prot 4.4.4.56 2008.07.07 -
F-Secure 7.60.13501.0 2008.07.03 -
Fortinet 3.14.0.0 2008.07.07 -
GData 2.0.7306.1023 2008.07.07 -
Ikarus T3.1.1.26.0 2008.07.07 -
Kaspersky 7.0.0.125 2008.07.07 -
McAfee 5333 2008.07.07 -
Microsoft 1.3704 2008.07.07 -
NOD32v2 3248 2008.07.07 -
Norman 5.80.02 2008.07.07 -
Panda 9.0.0.4 2008.07.07 -
Prevx1 V2 2008.07.07 -
Rising 20.51.60.00 2008.07.06 -
Sophos 4.31.0 2008.07.07 -
Sunbelt 3.1.1509.1 2008.07.04 -
Symantec 10 2008.07.07 -
TheHacker 6.2.96.374 2008.07.07 -
TrendMicro 8.700.0.1004 2008.07.07 -
VBA32 3.12.6.8 2008.07.07 -
VirusBuster 4.5.11.0 2008.07.07 -
Webwasher-Gateway 6.6.2 2008.07.07 -
Additional information
File size: 1917 bytes
MD5...: 2d006764d6ac4779984365785fe3ada5
SHA1..: c25ecf0a18252ca83e6b28783ddd7b9a32f4a64b
SHA256: 9242f79cc9980224511c9719cb7e04688cc23b70c4968e1bb3f5a2f162851da8
SHA512: 2f48689f053f721b50a74f2c1afdcf439088edf43caca309c5850bb2c4f6d46c1e346c20e05c56550a8746ee9d842d65ecab664842b894abc767ed88bea3ab40
PEiD..: -
PEInfo: -


File mbmjgaep.tmp received on 07.07.2008 23:26:56 (CET)
Current status: finished
Result: 0/33 (0%)

Antivirus Version Last Update Result
AhnLab-V3 2008.7.8.0 2008.07.07 -
AntiVir 7.8.0.64 2008.07.07 -
Authentium 5.1.0.4 2008.07.06 -
Avast 4.8.1195.0 2008.07.07 -
AVG 7.5.0.516 2008.07.07 -
BitDefender 7.2 2008.07.07 -
CAT-QuickHeal 9.50 2008.07.07 -
ClamAV 0.93.1 2008.07.07 -
DrWeb 4.44.0.09170 2008.07.07 -
eSafe 7.0.17.0 2008.07.07 -
eTrust-Vet 31.6.5929 2008.07.05 -
Ewido 4.0 2008.07.07 -
F-Prot 4.4.4.56 2008.07.07 -
F-Secure 7.60.13501.0 2008.07.03 -
Fortinet 3.14.0.0 2008.07.07 -
GData 2.0.7306.1023 2008.07.07 -
Ikarus T3.1.1.26.0 2008.07.07 -
Kaspersky 7.0.0.125 2008.07.07 -
McAfee 5333 2008.07.07 -
Microsoft 1.3704 2008.07.07 -
NOD32v2 3248 2008.07.07 -
Norman 5.80.02 2008.07.07 -
Panda 9.0.0.4 2008.07.07 -
Prevx1 V2 2008.07.07 -
Rising 20.51.60.00 2008.07.06 -
Sophos 4.31.0 2008.07.07 -
Sunbelt 3.1.1509.1 2008.07.04 -
Symantec 10 2008.07.07 -
TheHacker 6.2.96.374 2008.07.07 -
TrendMicro 8.700.0.1004 2008.07.07 -
VBA32 3.12.6.8 2008.07.07 -
VirusBuster 4.5.11.0 2008.07.07 -
Webwasher-Gateway 6.6.2 2008.07.07 -
Additional information
File size: 1657164 bytes
MD5...: 385a09c5aa991b00f94992e0c001bf8b
SHA1..: 85200781840031d5305c25a4f045a17a734d3d7a
SHA256: 556230e946345e0f826be23f72f37fab238ef76a6f97ba2ac50e3b54bc9b023a
SHA512: 5c93be331455b20e83ae732b73fd3e6fcf220639f78892b522fb6cee8733adf042c62f5fc632b51e4d5f5653584bdaefe6aed7ea7512cbb01ede300d8689b624
PEiD..: -
PEInfo: -


File setup.exe received on 07.07.2008 23:28:59 (CET)
Current status: finished
Result: 0/33 (0%)

Antivirus Version Last Update Result
AhnLab-V3 2008.7.8.0 2008.07.07 -
AntiVir 7.8.0.64 2008.07.07 -
Authentium 5.1.0.4 2008.07.06 -
Avast 4.8.1195.0 2008.07.07 -
AVG 7.5.0.516 2008.07.07 -
BitDefender 7.2 2008.07.07 -
CAT-QuickHeal 9.50 2008.07.07 -
ClamAV 0.93.1 2008.07.07 -
DrWeb 4.44.0.09170 2008.07.07 -
eSafe 7.0.17.0 2008.07.07 -
eTrust-Vet 31.6.5934 2008.07.07 -
Ewido 4.0 2008.07.07 -
F-Prot 4.4.4.56 2008.07.07 -
F-Secure 7.60.13501.0 2008.07.03 -
Fortinet 3.14.0.0 2008.07.07 -
GData 2.0.7306.1023 2008.07.07 -
Ikarus T3.1.1.26.0 2008.07.07 -
Kaspersky 7.0.0.125 2008.07.07 -
McAfee 5333 2008.07.07 -
Microsoft 1.3704 2008.07.07 -
NOD32v2 3248 2008.07.07 -
Norman 5.80.02 2008.07.07 -
Panda 9.0.0.4 2008.07.07 -
Prevx1 V2 2008.07.07 -
Rising 20.51.60.00 2008.07.06 -
Sophos 4.31.0 2008.07.07 -
Sunbelt 3.1.1509.1 2008.07.04 -
Symantec 10 2008.07.07 -
TheHacker 6.2.96.374 2008.07.07 -
TrendMicro 8.700.0.1004 2008.07.07 -
VBA32 3.12.6.8 2008.07.07 -
VirusBuster 4.5.11.0 2008.07.07 -
Webwasher-Gateway 6.6.2 2008.07.07 -
Additional information
File size: 924392 bytes
MD5...: 653d37a00fd0a36db117e69d9db9940d
SHA1..: 8bfb03b5638b5d04354d03151eafa98416087191
SHA256: e76265c9368e9827fac90de7e5ea85c79405f5b07031d4673927f45c9dcc8760
SHA512: 2914daf969a2ff5f5e8b2216bc77292824a85948432845060566dc8c5831f0c442d3abf3fbf7c47c0dd3a70adbf339b0281e019f0bcfe9a195151930eb6fb5f7
PEiD..: -
PEInfo: PE Structure information
( base data )
entrypointaddress.: 0x4032d3
timedatestamp.....: 0x43429117 (Tue Oct 04 14:26:31 2005)
machinetype.......: 0x14c (I386)
( 5 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x59ca 0x5a00 6.46 415d0ae9b0c2be5b45e2bcbd11fb407e
.rdata 0x7000 0x10e8 0x1200 5.02 f870f90a47f7a2270ce674aad4684865
.data 0x9000 0x1b3f4 0x400 5.12 1579dbc69ba4f679db829794dbb7c6be
.ndata 0x25000 0x9000 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e
.rsrc 0x2e000 0x5000 0x4200 5.87 76c2be9b60af4f9f71383e1a9728dd04
( 8 imports )
> KERNEL32.dll: SetFileTime, CompareFileTime, SearchPathA, GetShortPathNameA, GetFullPathNameA, MoveFileA, SetCurrentDirectoryA, GetFileAttributesA, GetLastError, CreateDirectoryA, SetFileAttributesA, Sleep, CreateFileA, GetFileSize, GetModuleFileNameA, GetTickCount, GetCurrentProcess, CopyFileA, ExitProcess, lstrcpynA, CloseHandle, GetWindowsDirectoryA, GetTempPathA, GetUserDefaultLangID, GetDiskFreeSpaceA, GlobalUnlock, GlobalLock, CreateThread, CreateProcessA, RemoveDirectoryA, GetTempFileNameA, SetEndOfFile, UnmapViewOfFile, MapViewOfFile, CreateFileMappingA, lstrcpyA, lstrlenA, lstrcatA, GetSystemDirectoryA, lstrcmpiA, GetEnvironmentVariableA, ExpandEnvironmentStringsA, GlobalFree, GlobalAlloc, WaitForSingleObject, GetExitCodeProcess, SetErrorMode, GetModuleHandleA, LoadLibraryA, GetProcAddress, FreeLibrary, MultiByteToWideChar, WritePrivateProfileStringA, MulDiv, GetPrivateProfileStringA, WriteFile, ReadFile, SetFilePointer, FindClose, FindNextFileA, FindFirstFileA, DeleteFileA, GetCommandLineA
> USER32.dll: EndDialog, ScreenToClient, GetWindowRect, SetClassLongA, IsWindowEnabled, SetWindowPos, GetSysColor, GetWindowLongA, LoadCursorA, SetCursor, CheckDlgButton, GetMessagePos, LoadBitmapA, CallWindowProcA, IsWindowVisible, CloseClipboard, SetClipboardData, EmptyClipboard, OpenClipboard, RegisterClassA, AppendMenuA, CreatePopupMenu, GetSystemMetrics, SetDlgItemTextA, GetDlgItemTextA, MessageBoxA, CharPrevA, DispatchMessageA, PeekMessageA, CreateDialogParamA, DestroyWindow, SetTimer, SetWindowTextA, PostQuitMessage, SetForegroundWindow, ShowWindow, wsprintfA, SendMessageTimeoutA, SystemParametersInfoA, CreateWindowExA, GetClassInfoA, DialogBoxParamA, CharNextA, TrackPopupMenu, ExitWindowsEx, IsWindow, GetDlgItem, SetWindowLongA, LoadImageA, GetDC, EnableWindow, InvalidateRect, SendMessageA, DefWindowProcA, BeginPaint, GetClientRect, FillRect, DrawTextA, EndPaint, FindWindowExA
> GDI32.dll: SetBkColor, GetDeviceCaps, DeleteObject, CreateBrushIndirect, CreateFontIndirectA, SetBkMode, SetTextColor, SelectObject
> SHELL32.dll: SHGetMalloc, SHGetPathFromIDListA, SHBrowseForFolderA, ShellExecuteA, SHFileOperationA, SHGetSpecialFolderLocation
> ADVAPI32.dll: RegQueryValueExA, RegSetValueExA, RegEnumKeyA, RegEnumValueA, RegOpenKeyExA, RegDeleteKeyA, RegDeleteValueA, RegCloseKey, RegCreateKeyExA
> COMCTL32.dll: ImageList_AddMasked, ImageList_Destroy, -, ImageList_Create
> ole32.dll: OleInitialize, OleUninitialize, CoCreateInstance
> VERSION.dll: GetFileVersionInfoSizeA, GetFileVersionInfoA, VerQueryValueA
( 0 exports )