Dodgy DPF

Discussion in 'SpywareBlaster & Other Forum' started by Daemon, Jan 15, 2005.

Thread Status:
Not open for further replies.
  1. Daemon

    Daemon Registered Member

    Joined:
    Feb 20, 2004
    Posts:
    2
    Location:
    UK
    As found in a HJT log. Is there a board for identifying these or is posting here OK?

    O16 - DPF: {3DC81D21-BF4B-7A42-EE3A-0A6E1F00CC3D} - hxxp://66.117.37.5/1/rdgGB298.exe


    Jotti's malware scan

    File: rdgGB298.exe
    Status: INFECTED/MALWARE (Note: only non-destructive malware has been found. Considering the non-destructive nature of samples like these - although they can be a pain in the ass -, results will not be stored in the database.)
    Packers detected: UPX

    AntiVir DIAL/Generic dialer (0.94 seconds taken)
    Avast No viruses found (3.15 seconds taken)
    BitDefender No viruses found (1.40 seconds taken)
    ClamAV No viruses found (1.38 seconds taken)
    Dr.Web No viruses found (3.22 seconds taken)
    F-Prot Antivirus No viruses found (0.06 seconds taken)
    Kaspersky Anti-Virus not-a-virus:porn-Dialer.Win32.GBDialer.a (4.62 seconds taken)
    mks_vir No viruses found (2.34 seconds taken)
    NOD32 No viruses found (3.31 seconds taken)
    Norman Virus Control No viruses found (1.68 seconds taken)
     
  2. snowbound

    snowbound Retired Moderator

    Joined:
    Feb 18, 2003
    Posts:
    8,723
    Location:
    The Big Smoke
    Hi Daemon. :)

    This is not the proper forum but as for HJT, Wilders no longer supplies hijack cleaning services. See here,

    https://www.wilderssecurity.com/showthread.php?t=42148

    It is best u post your full HJT log in one of the forums in that link for expert analysis.



    snowbound
     
  3. Daemon

    Daemon Registered Member

    Joined:
    Feb 20, 2004
    Posts:
    2
    Location:
    UK
    Apologies - I should have been a little more articulate in my post. I'm not looking for assistance - the DPF was in a HJT log I cleaned at Spyware Info (where I am a mod :p ).

    It isn't detected by SpywareBlaster, I was posting it to bring it to Javacool's attention. If there is an alternative way of submitting these, I'd be grateful if you could point me at it.

    Thanks.
     
  4. snowbound

    snowbound Retired Moderator

    Joined:
    Feb 18, 2003
    Posts:
    8,723
    Location:
    The Big Smoke
    No need to apologize. I just misinterpreted your question. ;)

    U can submit your malware here or send Javacool a PM through his profile.
    :)


    snowbound
     
Thread Status:
Not open for further replies.