Here are the results...
File iehlpr32.dll received on 08.08.2008 04:16:39 (CET)
Current status: finished
Result: 27/36 (75%)
Antivirus Version Last Update Result
AhnLab-V3 2008.8.8.0 2008.08.07 -
AntiVir 7.8.1.19 2008.08.07 TR/Dldr.Agent.vaq
Authentium 5.1.0.4 2008.08.07 W32/Bongler-based!Maximus
Avast 4.8.1195.0 2008.08.07 Win32:Agent-AAJZ
AVG 8.0.0.156 2008.08.08 Downloader.Generic7.VXX
BitDefender 7.2 2008.08.08 Trojan.Generic.347747
CAT-QuickHeal 9.50 2008.08.07 TrojanDownloader.Agent.vaq
ClamAV 0.93.1 2008.08.08 Trojan.Downloader-46511
DrWeb 4.44.0.09170 2008.08.07 -
eSafe 7.0.17.0 2008.08.07 Suspicious File
eTrust-Vet 31.6.6018 2008.08.07 -
Ewido 4.0 2008.08.07 Downloader.Agent.vaq
F-Prot 4.4.4.56 2008.08.07 W32/Bongler-based!Maximus
F-Secure 7.60.13501.0 2008.08.08 Trojan-Downloader.Win32.Agent.vaq
Fortinet 3.14.0.0 2008.08.07 -
GData 2.0.7306.1023 2008.08.08 Trojan-Downloader.Win32.Agent.vaq
Ikarus T3.1.1.34.0 2008.08.08 Trojan-Downloader.Win32.Agent.vaq
K7AntiVirus 7.10.407 2008.08.07 Trojan-Downloader.Win32.Agent.vaq
Kaspersky 7.0.0.125 2008.08.08 Trojan-Downloader.Win32.Agent.vaq
McAfee 5356 2008.08.07 Generic Downloader.g
Microsoft 1.3807 2008.08.08 TrojanDownloader:Win32/Agent.HU
NOD32v2 3338 2008.08.07 -
Norman 5.80.02 2008.08.06 W32/DLoader.HWUF
Panda 9.0.0.4 2008.08.07 Suspicious file
PCTools 4.4.2.0 2008.08.07 Trojan.Popuper
Prevx1 V2 2008.08.08 Malware Downloader
Rising 20.56.32.00 2008.08.07 -
Sophos 4.32.0 2008.08.08 -
Sunbelt 3.1.1537.1 2008.08.07 -
Symantec 10 2008.08.08 Downloader
TheHacker 6.2.96.394 2008.08.08 Trojan/Downloader.Agent.vaq
TrendMicro 8.700.0.1004 2008.08.07 PAK_Generic.001
VBA32 3.12.8.3 2008.08.07 Trojan-Downloader.Win32.Agent.vaq
ViRobot 2008.8.7.1328 2008.08.07 Trojan.Win32.Downloader.7192
VirusBuster 4.5.11.0 2008.08.07 -
Webwasher-Gateway 6.6.2 2008.08.08 Trojan.Dldr.Agent.vaq
Additional information
File size: 7192 bytes
MD5...: 235bcb9c9721827f7e2431928c3fb568
SHA1..: 3ff53986d905a1da8f51bc5abcc6ada41d820770
SHA256: 419f0aa707d0719261aa9726afce8378e814ac8116e30cef1e71e59980d17100
SHA512: 3196d2c4c26d42b41f3652ffce63d2042767a2d3b8305fa322b3437f8bcaa815
0c6db50deb2fa61267d479cb9739d7dc6fbb01863c1f78ad459c65437a83186a
PEiD..: -
PEInfo: PE Structure information
( base data )
entrypointaddress.: 0x10006250
timedatestamp.....: 0x4859b3c8 (Thu Jun 19 01:18:00 2008)
machinetype.......: 0x14c (I386)
( 3 sections )
name viradd virsiz rawdsiz ntrpy md5
UPX0 0x1000 0x4000 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e
UPX1 0x5000 0x2000 0x1600 7.43 1289d1fde3d2a9f0fe54803930fff6ee
UPX2 0x7000 0x1000 0x200 3.36 d4afe41c8d2785bfa116ea2adb746cae
( 4 imports )
> KERNEL32.DLL: LoadLibraryA, GetProcAddress, VirtualProtect, VirtualAlloc, VirtualFree
> RPCRT4.dll: UuidToStringA
> USER32.dll: wsprintfA
> WININET.dll: InternetOpenA
( 1 exports )
DllCanUnloadNow
Prevx info:
http://info.prevx.com/aboutprogramte...25A30030C10EBB
packers (Kaspersky): PE_Patch.UPX, UPX
packers (Authentium): UPX
packers (F-Prot): UPX