Blocked from running Spybot or any other malware remover

**ryodin** · 2011-08-21, 22:50

I booted up in Safe Mode and am running ComboFix now.

The scan started at 4:20. It made it to Stage 50 complete at 4:35. It's 4:50 now and it has not gone beyond this point. Just as before, I'm fearing that this may be the best I can get out of ComboFix. The last time it sat there after Stage 50 complete for an hour before I gave up and shut it down.

I get the feeling this is going to happen again, even though it's only been 15 minutes. I'm leaving it running for now, but I'm not so sure it's going to make a difference.

--Ryodin

**ryodin** · 2011-08-22, 01:10

Quick update.

It's been over 2 hours now and still no change. The c:\Autoscan window is still open, and the command prompt is still blinking, but nothing has finalized.

Since I have no other options at this point, I suppose I'll just keep ComboFix running all night. If there's something else you want me to try, I'll do it. But for now I won't reply back tonight unless something changes.

--Ryodin

**ryodin** · 2011-08-22, 04:13

Well, looks like I have to learn a little patience.

It took 5 hours, but it seems I've got my ComboFix log for you after all! I'm pasting it below. For now I'm keeping my PC in Safe Mode. Let me know if it is safe for me to reboot into normal mode.

========================================================
ComboFix 11-08-21.01 - David Batista 08/21/2011 16:19:14.5.1 - x86 NETWORK
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.2046.1683 [GMT -4:00]
Running from: c:\documents and settings\David Batista\Desktop\ryod.exe
AV: Lavasoft Ad-Watch Live! Anti-Virus *Disabled/Updated* {A1C4F2E0-7FDE-4917-AFAE-013EFC3EDE33}
AV: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}
FW: McAfee Firewall *Disabled* {94894B63-8C7F-4050-BDA4-813CA00DA3E8}
.
.
((((((((((((((((((((((((( Files Created from 2011-07-22 to 2011-08-22 )))))))))))))))))))))))))))))))
.
.
2011-08-19 23:31 . 2011-08-19 23:31 -------- d--h--w- c:\windows\PIF
2011-08-19 02:16 . 2011-08-19 02:16 388096 ----a-r- c:\documents and settings\David Batista\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2011-07-23 15:02 . 2011-07-23 15:02 -------- d-----w- c:\program files\Bonjour
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-08-13 16:13 . 2011-05-19 02:11 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-07-17 17:20 . 2011-01-09 18:00 101720 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2011-07-15 13:29 . 2002-08-29 11:00 456320 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-07-12 15:20 . 2011-07-12 15:20 83816 ----a-w- c:\windows\system32\dns-sd.exe
2011-07-12 15:20 . 2011-07-12 15:20 73064 ----a-w- c:\windows\system32\dnssd.dll
2011-07-08 14:02 . 2002-08-29 11:00 10496 ----a-w- c:\windows\system32\drivers\ndistapi.sys
2011-06-24 14:10 . 2002-08-29 11:00 139656 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2011-06-23 18:36 . 2004-02-06 22:05 916480 ----a-w- c:\windows\system32\wininet.dll
2011-06-23 18:36 . 2002-08-29 11:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-06-23 18:36 . 2002-08-29 11:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2011-06-23 12:05 . 2004-08-04 05:59 385024 ----a-w- c:\windows\system32\html.iec
2011-06-20 17:44 . 2002-08-29 11:00 293376 ----a-w- c:\windows\system32\winsrv.dll
2011-06-02 14:02 . 2002-08-29 11:00 1858944 ----a-w- c:\windows\system32\win32k.sys
2006-03-26 00:22 . 2006-03-26 00:23 774144 ----a-w- c:\program files\RngInterstitial.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\documents and settings\David Batista\Application Data\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\documents and settings\David Batista\Application Data\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\documents and settings\David Batista\Application Data\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\documents and settings\David Batista\Application Data\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2006-10-19 204288]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"mcui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2011-06-23 1306728]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2010-11-29 421888]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2011-02-18 49208]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2011-05-27 40368]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-07-19 421736]
.
c:\documents and settings\David Batista\Start Menu\Programs\Startup\
Dropbox.lnk - c:\documents and settings\David Batista\Application Data\Dropbox\bin\Dropbox.exe [2011-5-25 24176560]
HotSync Manager.LNK - c:\program files\Palm\Hotsync.exe [2004-6-9 471040]
PMB Media Check Tool.lnk - c:\program files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe [2010-3-17 327680]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Digital Line Detect.lnk - c:\program files\Digital Line Detect\DLG.exe [2004-2-17 24576]
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2009-5-21 275768]
WDDMStatus.lnk - c:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe [2010-9-8 5185536]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-disabled]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" -atboottime
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeFirewall]
"DisableMonitoring"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Palm\\HOTSYNC.EXE"=
"c:\\Program Files\\Red Chair Software\\Dudebox Explorer\\dudemgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Red Chair Software\\Deubox Explorer\\deumgr.exe"=
"c:\\Documents and Settings\\David Batista\\Application Data\\Dropbox\\bin\\Dropbox.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfcCopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpiscnapp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxs08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqfxt08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgplgtupl.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgpc01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqusgm.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqusgh.exe"=
"c:\\Program Files\\HP\\HP Software Update\\HPWUCli.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\smart web printing\\SmartWebPrintExe.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\{7E0E61CC-1C99-429D-BEA7-C4DD5B898D2A}\\setup\\hpznui01.exe"=
"c:\\Program Files\\Common Files\\McAfee\\McSvcHost\\McSvHost.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\BitLord\\BitLord.exe"=
.
R0 Lbd;Lbd;c:\windows\SYSTEM32\DRIVERS\Lbd.sys [1/9/2011 2:00 PM 64288]
R1 mfetdi2k;McAfee Inc. mfetdi2k;c:\windows\SYSTEM32\DRIVERS\mfetdi2k.sys [5/8/2010 3:40 PM 89368]
R2 McMPFSvc;McAfee Personal Firewall Service;"c:\program files\Common Files\Mcafee\McSvcHost\McSvHost.exe" /McCoreSvc [5/8/2010 3:40 PM 214904]
R2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\mfefire.exe [5/8/2010 3:41 PM 159832]
R2 mfevtp;McAfee Validation Trust Protection Service;c:\program files\Common Files\McAfee\SystemCore\mfevtps.exe [5/8/2010 3:41 PM 148520]
R3 mfefirek;McAfee Inc. mfefirek;c:\windows\SYSTEM32\DRIVERS\mfefirek.sys [5/8/2010 3:40 PM 337912]
R3 mfendiskmp;mfendiskmp;c:\windows\SYSTEM32\DRIVERS\mfendisk.sys [5/8/2010 3:40 PM 83688]
S2 McNaiAnn;McAfee VirusScan Announcer;"c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe" /McCoreSvc [5/8/2010 3:40 PM 214904]
S2 WDDMService;WDDMService;c:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [9/8/2010 11:41 AM 237056]
S2 WDFME;WD File Management Engine;c:\program files\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe [9/8/2010 11:45 AM 1034752]
S2 WDSC;WD File Management Shadow Engine;c:\program files\Western Digital\WD SmartWare\Front Parlor\WDSC.exe [9/8/2010 11:44 AM 484352]
S3 cfwids;McAfee Inc. cfwids;c:\windows\SYSTEM32\DRIVERS\cfwids.sys [5/8/2010 3:40 PM 57432]
S3 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [12/3/2010 5:05 AM 2151640]
S3 Lavasoft Kernexplorer;Lavasoft helper driver;c:\program files\Lavasoft\Ad-Aware\kernexplorer.sys [12/3/2010 5:05 AM 15232]
S3 mfendisk;McAfee Core NDIS Intermediate Filter;c:\windows\SYSTEM32\DRIVERS\mfendisk.sys [5/8/2010 3:40 PM 83688]
S3 mferkdet;McAfee Inc. mferkdet;c:\windows\SYSTEM32\DRIVERS\mferkdet.sys [5/8/2010 3:40 PM 85984]
S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\SYSTEM32\DRIVERS\wdcsam.sys [5/6/2008 5:06 PM 11520]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
HPService REG_MULTI_SZ HPSLPSVC
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Contents of the 'Scheduled Tasks' folder
.
2011-08-21 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2010-12-03 11:19]
.
2011-08-20 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 21:57]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.yahoo.com/
mSearch Bar = hxxp://www.google.com/
uInternet Connection Wizard,ShellNext = hxxp://www.dell4me.com/myway
uInternet Settings,ProxyOverride = *.local
IE: &ieSpell Options - c:\program files\ieSpell\iespell.dll/SPELLOPTION.HTM
IE: Check &Spelling - c:\program files\ieSpell\iespell.dll/SPELLCHECK.HTM
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
IE: Lookup on Merriam Webster - file://c:\program files\ieSpell\Merriam Webster.HTM
IE: Lookup on Wikipedia - file://c:\program files\ieSpell\wikipedia.HTM
TCP: DhcpNameServer = 192.168.1.1
.
.
------- File Associations -------
.
JSEFile=NOTEPAD.EXE %1
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-08-21 21:16
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(884)
c:\windows\System32\l3codeca.acm
c:\windows\system32\DivXa32.acm
.
- - - - - - - > 'explorer.exe'(824)
c:\windows\system32\WININET.dll
c:\documents and settings\David Batista\Application Data\Dropbox\bin\DropboxExt.14.dll
.
Completion time: 2011-08-21 21:21:05
ComboFix-quarantined-files.txt 2011-08-22 01:20
ComboFix2.txt 2008-07-22 22:54
.
Pre-Run: 42,585,219,072 bytes free
Post-Run: 73,111,101,440 bytes free
.
- - End Of File - - 132128C627B6F54B188D0BA44F6C22D4
========================================================

--Ryodin

**redcar92** · 2011-08-22, 04:18

Allll right, way to go,

**ryodin** · 2011-08-23, 04:51

Are there any other programs to run or steps to take? I get the feeling I'm not done yet, correct?

And I still cannot delete the corrupted .exe files from off my desktop.

--Ryodin

**redcar92** · 2011-08-23, 05:02

Oh yes there is more to do , you will know when we are done I will post All Clean,
Back soon.

**ryodin** · 2011-08-23, 05:09

Oh okay, great.

**redcar92** · 2011-08-23, 18:47

Greetings Ryodin,

Please go to one of the below sites to scan the following files:
Virus Total
VirScan
jotti.org

click on Browse, and upload the following file for analysis:
C:\WINDOWS\System32\DC5F143025.sys

Then click Submit. Allow the file to be scanned, and then please copy and paste the results here for me to see.
If it says already scanned -- click "reanalyze now"
Please post the results in your next reply.
When done please do this file also, C:\WINDOWS\System32[\2530145FDC.sys

**ryodin** · 2011-08-23, 19:32

Bill,

Okay, I analyzed the first file and here are the results below. I'll analyze the second file in a follow-up post.

=========================================================
Antivirus Version Last Update Result
AhnLab-V3 2011.08.23.01 2011.08.23 -
AntiVir 7.11.13.192 2011.08.23 -
Antiy-AVL 2.0.3.7 2011.08.23 -
Avast 4.8.1351.0 2011.08.23 -
Avast5 5.0.677.0 2011.08.23 -
AVG 10.0.0.1190 2011.08.23 -
BitDefender 7.2 2011.08.23 -
ByteHero 1.0.0.1 2011.08.22 -
CAT-QuickHeal 11.00 2011.08.23 -
ClamAV 0.97.0.0 2011.08.23 -
Commtouch 5.3.2.6 2011.08.23 -
Comodo 9847 2011.08.23 -
DrWeb 5.0.2.03300 2011.08.23 -
Emsisoft 5.1.0.10 2011.08.23 -
eSafe 7.0.17.0 2011.08.22 -
eTrust-Vet 36.1.8516 2011.08.23 -
F-Prot 4.6.2.117 2011.08.23 -
F-Secure 9.0.16440.0 2011.08.23 -
Fortinet 4.2.257.0 2011.08.23 -
GData 22 2011.08.23 -
Ikarus T3.1.1.107.0 2011.08.23 -
Jiangmin 13.0.900 2011.08.23 -
K7AntiVirus 9.111.5047 2011.08.23 -
Kaspersky 9.0.0.837 2011.08.23 -
McAfee 5.400.0.1158 2011.08.23 -
McAfee-GW-Edition 2010.1D 2011.08.23 -
Microsoft 1.7604 2011.08.23 -
NOD32 6404 2011.08.23 -
Norman 6.07.10 2011.08.23 -
nProtect 2011-08-23.01 2011.08.23 -
Panda 10.0.3.5 2011.08.23 -
PCTools 8.0.0.5 2011.08.23 -
Prevx 3.0 2011.08.23 -
Rising 23.72.01.03 2011.08.23 -
Sophos 4.68.0 2011.08.23 -
SUPERAntiSpyware 4.40.0.1006 2011.08.23 -
Symantec 20111.2.0.82 2011.08.23 -
TheHacker 6.7.0.1.282 2011.08.22 -
TrendMicro 9.500.0.1008 2011.08.23 -
TrendMicro-HouseCall 9.500.0.1008 2011.08.23 -
VBA32 3.12.16.4 2011.08.23 -
VIPRE 10248 2011.08.23 -
ViRobot 2011.8.23.4635 2011.08.23 -
VirusBuster 14.0.181.1 2011.08.22 -
Additional informationShow all
MD5 : 0641a46f1e58529a42ead4573a3a0861
SHA1 : 2fa91927668fb0b3a4da32722825e15080cb5c21
SHA256: 9d7d948ef1329cc1db5fb77cbe9ed7bbf7d74cd8be1ad214689ebbe52a2267cb
ssdeep: 3:hl/n:r
File size : 8 bytes
First seen: 2008-03-02 16:02:20
Last seen : 2011-08-23 17:13:19
TrID:
MS Flight Simulator Aircraft Performance Info (100.0%)
sigcheck:
publisher....: n/a
copyright....: n/a
product......: n/a
description..: n/a
original name: n/a
internal name: n/a
file version.: n/a
comments.....: n/a
signers......: -
signing date.: -
verified.....: Unsigned
=========================================================

--Ryodin

**ryodin** · 2011-08-23, 19:37

And here is the second file analyzed:

========================================================
File name: 2530145FDC.sys
Submission date: 2011-08-23 17:21:05 (UTC)
Current status: queued queued analysing finished

Result: 0/ 44 (0.0%)
VT Community

not reviewed
Safety score: -
Compact Print results Antivirus Version Last Update Result
AhnLab-V3 2011.08.23.01 2011.08.23 -
AntiVir 7.11.13.192 2011.08.23 -
Antiy-AVL 2.0.3.7 2011.08.23 -
Avast 4.8.1351.0 2011.08.23 -
Avast5 5.0.677.0 2011.08.23 -
AVG 10.0.0.1190 2011.08.23 -
BitDefender 7.2 2011.08.23 -
ByteHero 1.0.0.1 2011.08.22 -
CAT-QuickHeal 11.00 2011.08.23 -
ClamAV 0.97.0.0 2011.08.23 -
Commtouch 5.3.2.6 2011.08.23 -
Comodo 9847 2011.08.23 -
DrWeb 5.0.2.03300 2011.08.23 -
Emsisoft 5.1.0.10 2011.08.23 -
eSafe 7.0.17.0 2011.08.22 -
eTrust-Vet 36.1.8516 2011.08.23 -
F-Prot 4.6.2.117 2011.08.23 -
F-Secure 9.0.16440.0 2011.08.23 -
Fortinet 4.2.257.0 2011.08.23 -
GData 22 2011.08.23 -
Ikarus T3.1.1.107.0 2011.08.23 -
Jiangmin 13.0.900 2011.08.23 -
K7AntiVirus 9.111.5047 2011.08.23 -
Kaspersky 9.0.0.837 2011.08.23 -
McAfee 5.400.0.1158 2011.08.23 -
McAfee-GW-Edition 2010.1D 2011.08.23 -
Microsoft 1.7604 2011.08.23 -
NOD32 6404 2011.08.23 -
Norman 6.07.10 2011.08.23 -
nProtect 2011-08-23.01 2011.08.23 -
Panda 10.0.3.5 2011.08.23 -
PCTools 8.0.0.5 2011.08.23 -
Prevx 3.0 2011.08.23 -
Rising 23.72.01.03 2011.08.23 -
Sophos 4.68.0 2011.08.23 -
SUPERAntiSpyware 4.40.0.1006 2011.08.23 -
Symantec 20111.2.0.82 2011.08.23 -
TheHacker 6.7.0.1.282 2011.08.22 -
TrendMicro 9.500.0.1008 2011.08.23 -
TrendMicro-HouseCall 9.500.0.1008 2011.08.23 -
VBA32 3.12.16.4 2011.08.23 -
VIPRE 10248 2011.08.23 -
ViRobot 2011.8.23.4635 2011.08.23 -
VirusBuster 14.0.181.1 2011.08.22 -
Additional informationShow all
MD5 : 521d9a238efc6f855bb98ea868a8ec55
SHA1 : 5c336f141a8496ff44b80e744cbac6f3f54fc6f8
SHA256: b1bd8cbc91e6d5c668f902c5cd8c2c3a97905e3389f5c24cac238791390b21bc
=========================================================

Apparently both files came back with 0.0% results.

--Ryodin

Thread: Blocked from running Spybot or any other malware remover

Thread Tools

Display

Posting Permissions