Old 06-24-2009, 05:53 PM   #5 (permalink)
pipeplug
OS: xp


Re: Search Choices get Redirected

When I entered the C:\iexplorer520.exe my AVG software threw up a red flag that it was infected so I sent it to the vault. Tried again and now the PC says it can't find the file. Please advise. The other file follows.


File apnet.exe received on 2009.06.24 23:50:41 (UTC)
Result: 25/41 (60.98%)

Antivirus Version Last Update Result
a-squared 4.5.0.18 2009.06.24 BAT.Trojan.FormatCQ!IK
AhnLab-V3 5.0.0.2 2009.06.24 -
AntiVir 7.9.0.196 2009.06.24 TR/Generic.1568657
Antiy-AVL 2.0.3.1 2009.06.24 -
Authentium 5.1.2.4 2009.06.24 W32/Backdoor2.ELUF
Avast 4.8.1335.0 2009.06.24 -
AVG 8.5.0.339 2009.06.24 -
BitDefender 7.2 2009.06.25 Trojan.Generic.1568657
CAT-QuickHeal 10.00 2009.06.22 Trojan.Agent.IRC
ClamAV 0.94.1 2009.06.25 -
Comodo 1405 2009.06.24 UnclassifiedMalware
DrWeb 5.0.0.12182 2009.06.24 Trojan.Hosts.82
eSafe 7.0.17.0 2009.06.24 Win32.GenericDropper
eTrust-Vet 31.6.6577 2009.06.24 Win32/Droplet.JY
F-Prot 4.4.4.56 2009.06.24 W32/Backdoor2.ELUF
F-Secure 8.0.14470.0 2009.06.25 -
Fortinet 3.117.0.0 2009.06.24 PossibleThreat
GData 19 2009.06.25 Trojan.Generic.1568657
Ikarus T3.1.1.59.0 2009.06.24 BAT.Trojan.FormatCQ
Jiangmin 11.0.706 2009.06.24 Trojan/Agent.cdnm
K7AntiVirus 7.10.768 2009.06.19 -
Kaspersky 7.0.0.125 2009.06.25 -
McAfee 5656 2009.06.24 Generic Dropper!hv.h
McAfee+Artemis 5656 2009.06.24 Generic Dropper!hv.h
McAfee-GW-Edition 6.7.6 2009.06.25 Trojan.Generic.1568657
Microsoft 1.4803 2009.06.24 TrojanClicker:Win32/Napeam.A
NOD32 4186 2009.06.24 -
Norman 6.01.09 2009.06.24 -
nProtect 2009.1.8.0 2009.06.24 Trojan/W32.Agent.48128.AS
Panda 10.0.0.16 2009.06.24 -
PCTools 4.4.2.0 2009.06.24 -
Prevx 3.0 2009.06.25 Medium Risk Malware
Rising 21.35.24.00 2009.06.24 -
Sophos 4.43.0 2009.06.24 Mal/Generic-A
Sunbelt 3.2.1858.2 2009.06.25 Trojan.1
Symantec 1.4.4.12 2009.06.25 Trojan Horse
TheHacker 6.3.4.3.353 2009.06.24 -
TrendMicro 8.950.0.1094 2009.06.24 -
VBA32 3.12.10.7 2009.06.24 Trojan.Win32.Agent.bvxl
ViRobot 2009.6.24.1802 2009.06.24 -
VirusBuster 4.6.5.0 2009.06.24 Trojan.Generic.TR
Additional information
File size: 48128 bytes
MD5...: 0cabd8b0ea43421347224deed29a57c8
SHA1..: f3e2763eac86e0531c5626d3caf4f75707a9e4f6
SHA256: cb0f2effb54b243c3433e22f7aca26fe14c2612b98d0a7fd7fb891d3c09e4520
ssdeep: 768:g9J8NowRheD8/3rJiUqyet8w9abyzm5E50kyoVonvzRiZljBwiwo5sW3LhaNIC48:g9wvQUreUbyzABq2mLha2O35
PEiD..: -
TrID..: File type identification
Win32 Executable Generic (38.4%)
Win32 Dynamic Link Library (generic) (34.1%)
Win16/32 Executable Delphi generic (9.3%)
Generic Win/DOS Executable (9.0%)
DOS Executable Generic (9.0%)
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0xa0c0
timedatestamp.....: 0x2a425e19 (Fri Jun 19 22:22:17 1992)
machinetype.......: 0x14c (I386)

( 8 sections )
name viradd virsiz rawdsiz ntrpy md5
CODE 0x1000 0x9558 0x9600 6.36 2bd3f16ed4bcb4c37d0078769daa28c3
DATA 0xb000 0x45c 0x600 3.09 d912183338edaf40b4cf455aba92f9f5
BSS 0xc000 0x965 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e
.idata 0xd000 0x8ca 0xa00 4.23 2a435f04c2ff4ca8018ccdaabf9f19f1
.tls 0xe000 0x8 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e
.rdata 0xf000 0x18 0x200 0.20 994c454bc9dd923a2dd36d6f9b3a0d6b
.reloc 0x10000 0xed8 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e
.rsrc 0x11000 0xf40 0x1000 3.94 02b6bc2f14c34a4ad9a55330a9068c93

( 7 imports )
> kernel32.dll: DeleteCriticalSection, LeaveCriticalSection, EnterCriticalSection, InitializeCriticalSection, VirtualFree, VirtualAlloc, LocalFree, LocalAlloc, GetVersion, GetCurrentThreadId, WideCharToMultiByte, lstrlenA, lstrcpynA, LoadLibraryExA, GetThreadLocale, GetStartupInfoA, GetProcAddress, GetModuleHandleA, GetModuleFileNameA, GetLocaleInfoA, GetCommandLineA, FreeLibrary, FindFirstFileA, FindClose, ExitProcess, WriteFile, UnhandledExceptionFilter, RtlUnwind, RaiseException, GetStdHandle
> user32.dll: GetKeyboardType, LoadStringA, MessageBoxA, CharNextA
> advapi32.dll: RegQueryValueExA, RegOpenKeyExA, RegCloseKey
> oleaut32.dll: SysFreeString
> kernel32.dll: TlsSetValue, TlsGetValue, LocalAlloc, GetModuleHandleA
> kernel32.dll: WriteFile, WaitForSingleObject, VirtualQuery, SizeofResource, SetFilePointer, SetFileAttributesA, SetEnvironmentVariableA, SetEndOfFile, ReadFile, LockResource, LoadResource, GlobalUnlock, GlobalReAlloc, GlobalHandle, GlobalLock, GlobalFree, GlobalAlloc, GetWindowsDirectoryA, GetVersionExA, GetThreadLocale, GetTempFileNameA, GetStringTypeExA, GetStdHandle, GetShortPathNameA, GetProcAddress, GetModuleHandleA, GetModuleFileNameA, GetLocaleInfoA, GetLastError, GetFullPathNameA, GetFileAttributesA, GetExitCodeProcess, GetEnvironmentVariableA, GetDiskFreeSpaceA, GetCommandLineA, GetCPInfo, GetACP, FreeResource, FormatMessageA, FindResourceA, EnumCalendarInfoA, DeleteFileA, CreateProcessA, CreateFileA, CloseHandle
> user32.dll: MessageBoxA, LoadStringA, GetSystemMetrics, CharPrevA, CharNextA, CharToOemA

( 0 exports )
PDFiD.: -
RDS...: NSRL Reference Data Set
-
Prevx info: http://info.prevx.com/aboutprogramtext.asp?PX5=5D693BD000EFDD65BC3600B801C7FE00C121F623