Dodgy DPF


Daemon
January 15th, 2005, 09:12 AM
As found in a HJT log. Is there a board for identifying these or is posting here OK?

O16 - DPF: {3DC81D21-BF4B-7A42-EE3A-0A6E1F00CC3D} - hxxp://66.117.37.5/1/rdgGB298.exe


Jotti's malware scan

File: rdgGB298.exe
Status: INFECTED/MALWARE (Note: only non-destructive malware has been found. Considering the non-destructive nature of samples like these - although they can be a pain in the ass -, results will not be stored in the database.)
Packers detected: UPX

AntiVir DIAL/Generic dialer (0.94 seconds taken)
Avast No viruses found (3.15 seconds taken)
BitDefender No viruses found (1.40 seconds taken)
ClamAV No viruses found (1.38 seconds taken)
Dr.Web No viruses found (3.22 seconds taken)
F-Prot Antivirus No viruses found (0.06 seconds taken)
Kaspersky Anti-Virus not-a-virus:Porn-Dialer.Win32.GBDialer.a (4.62 seconds taken)
mks_vir No viruses found (2.34 seconds taken)
NOD32 No viruses found (3.31 seconds taken)
Norman Virus Control No viruses found (1.68 seconds taken)

snowbound
January 15th, 2005, 09:21 AM
Hi Daemon. :)

This is not the proper forum but as for HJT, Wilders no longer supplies hijack cleaning services. See here,

http://www.wilderssecurity.com/showthread.php?t=42148

It is best you post your full HJT log in one of the forums in that link for expert analysis.



snowbound

Daemon
January 15th, 2005, 09:36 AM
Apologies - I should have been a little more articulate in my post. I'm not looking for assistance - the DPF was in a HJT log I cleaned at Spyware Info (where I am a mod :P ).

It isn't detected by SpywareBlaster, I was posting it to bring it to Javacool's attention. If there is an alternative way of submitting these, I'd be grateful if you could point me at it.

Thanks.

snowbound
January 15th, 2005, 12:36 PM
{QUOTE-> Apologies - I should have been a little more articulate in my post. I'm not looking for assistance - the DPF was in a HJT log I cleaned at Spyware Info (where I am a mod :P ).

It isn't detected by SpywareBlaster, I was posting it to bring it to Javacool's attention. If there is an alternative way of submitting these, I'd be grateful if you could point me at it.

Thanks. <-QUOTE}

No need to apologize. I just misinterpreted your question. ;)

You can submit your malware here or send Javacool a PM through his profile.
:)


snowbound