I'm still trying to locate those files...I know where they are, I just can't find it when I browse on Virus Total. I found this infected file though...should I delete?
File dummy.cd_clint.dll received on 2010.06.10 00:37:07 (UTC)
Current status: Loading ... queued waiting scanning finished NOT FOUND STOPPED
Result: 1/41 (2.44%)
Loading server information...
Your file is queued in position: 1.
Estimated start time is between 42 and 60 seconds.
Do not close the window until scan is complete.
The scanner that was processing your file is stopped at this moment, we are going to wait a few seconds to try to recover your result.
If you are waiting for more than five minutes you have to resend your file.
Your file is being scanned by VirusTotal in this moment,
results will be shown as they're generated.
Compact Compact
Print results Print results
Your file has expired or does not exists.
Service is stopped in this moments, your file is waiting to be scanned (position: ) for an undefined time.
You can wait for web response (automatic reload) or type your email in the form below and click "request" so the system sends you a notification when the scan is finished.
Email:
Antivirus Version Last Update Result
a-squared 5.0.0.26 2010.06.09 -
AhnLab-V3 2010.06.10.00 2010.06.10 -
AntiVir 8.2.2.6 2010.06.09 -
Antiy-AVL 2.0.3.7 2010.06.08 -
Authentium 5.2.0.5 2010.06.10 -
Avast 4.8.1351.0 2010.06.09 -
Avast5 5.0.332.0 2010.06.09 -
AVG 9.0.0.787 2010.06.09 -
BitDefender 7.2 2010.06.10 -
CAT-QuickHeal 10.00 2010.06.09 -
ClamAV 0.96.0.3-git 2010.06.09 -
Comodo 5044 2010.06.09 -
DrWeb 5.0.2.03300 2010.06.10 -
eSafe 7.0.17.0 2010.06.09 -
eTrust-Vet 36.1.7624 2010.06.10 -
F-Prot 4.6.0.103 2010.06.09 -
F-Secure 9.0.15370.0 2010.06.10 -
Fortinet 4.1.133.0 2010.06.09 -
GData 21 2010.06.10 -
Ikarus T3.1.1.84.0 2010.06.09 -
Jiangmin 13.0.900 2010.06.09 -
Kaspersky 7.0.0.125 2010.06.09 -
McAfee 5.400.0.1158 2010.06.10 -
McAfee-GW-Edition 2010.1 2010.06.09 -
Microsoft 1.5802 2010.06.09 -
NOD32 5185 2010.06.09 -
Norman 6.04.12 2010.06.09 -
nProtect 2010-06-09.02 2010.06.09 -
Panda 10.0.2.7 2010.06.08 -
PCTools 7.0.3.5 2010.06.10 -
Prevx 3.0 2010.06.10 -
Rising 22.51.02.03 2010.06.09 -
Sophos 4.54.0 2010.06.10 -
Sunbelt 6427 2010.06.10 -
Symantec 20101.1.0.89 2010.06.09 -
TheHacker 6.5.2.0.295 2010.06.08 -
TrendMicro 9.120.0.1004 2010.06.09 -
TrendMicro-HouseCall 9.120.0.1004 2010.06.10 -
VBA32 3.12.12.5 2010.06.09 -
ViRobot 2010.6.9.2346 2010.06.09 Adware.SpyFerret.R.48640
VirusBuster 5.0.27.0 2010.06.09 -
Additional information
File size: 48640 bytes
MD5...: 65fd7ea79f626f7b57f4d6ced6339f32
SHA1..: 866057a7b43c7d8cbc940bdb5d3f981e90c766bd
SHA256: df94491ba2793da99a2431591f317c67150d22e2530a9d34d5f427ad854fccf4
ssdeep: 768:fx2vBbnGaxz3I1pc8APF5AkQejBa5VlnaaroGUGQQP86pxl6N93+:aBbXz4L
c8APF5RQI05ONGUGRON93
PEiD..: -
PEInfo: PE Structure information
( base data )
entrypointaddress.: 0x1000
timedatestamp.....: 0x3c407b08 (Sat Jan 12 18:06:00 2002)
machinetype.......: 0x14c (I386)
( 7 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x8000 0x7600 6.58 8558c7cd93244de2db100e05b0f62e21
.data 0x9000 0x6000 0x2600 4.78 df74a9ef4ed005ce2b9a3dbf3590410c
.tls 0xf000 0x1000 0x200 7.56 6dc5e9f680f898766f95b3772be45afa
.idata 0x10000 0x1000 0x600 4.21 03687ef20fd86b905fd9b48e039f7963
.edata 0x11000 0x1000 0x200 2.15 bab4bd510e904028091b14b2b3bd197a
.rsrc 0x12000 0x1000 0xa00 3.74 3d2d5690d8a991e3b301369919edbdcb
.reloc 0x13000 0x1000 0x800 6.49 ae41c1542e3e8af842d30f2ded308dd4
( 2 imports )
> KERNEL32.DLL: CloseHandle, CreateFileA, EnterCriticalSection, ExitProcess, FreeEnvironmentStringsA, GetACP, GetCPInfo, GetCurrentThreadId, GetEnvironmentStrings, GetFileType, GetLastError, GetLocalTime, GetModuleFileNameA, GetModuleHandleA, GetOEMCP, GetProcAddress, GetProcessHeap, GetStartupInfoA, GetStdHandle, GetStringTypeW, GetVersion, GetVersionExA, GlobalMemoryStatus, HeapAlloc, HeapFree, InitializeCriticalSection, LeaveCriticalSection, LoadLibraryA, RaiseException, RtlUnwind, SetConsoleCtrlHandler, SetFilePointer, SetHandleCount, TlsAlloc, TlsFree, TlsGetValue, TlsSetValue, UnhandledExceptionFilter, VirtualAlloc, VirtualFree, VirtualQuery, WriteFile
> USER32.DLL: EnumThreadWindows, MessageBoxA, wsprintfA
( 6 exports )
ChannelRead, ChannelWrite, DescWrite, ServiceClose, ServiceShow, ___CPPdebugHook
RDS...: NSRL Reference Data Set
-
trid..: Win32 Dynamic Link Library - Borland C/C++ (91.6%)
Win32 Executable Generic (3.5%)
Win32 Dynamic Link Library (generic) (3.1%)
Generic Win/DOS Executable (0.8%)
DOS Executable Generic (0.8%)
pdfid.: -
sigcheck:
publisher....: CEXX Labs - www.cexx.org
copyright....: CEXX Labs _ Mike Dombrowski
product......: CEXX.ORG Spyware Condom (CYDOOR-Compatible)
description..: DLL (GUI)
original name: project1.dll
internal name: ProjectOne
file version.: 1.0.0.0
comments.....: _For that EXTRA comfort and protection._
signers......: -
signing date.: -
verified.....: Unsigned[b]
File dummy.cd_clint.dll received on 2010.06.10 00:37:07 (UTC)
Current status: Loading ... queued waiting scanning finished NOT FOUND STOPPED
Result: 1/41 (2.44%)
Loading server information...
Your file is queued in position: 1.
Estimated start time is between 42 and 60 seconds.
Do not close the window until scan is complete.
The scanner that was processing your file is stopped at this moment, we are going to wait a few seconds to try to recover your result.
If you are waiting for more than five minutes you have to resend your file.
Your file is being scanned by VirusTotal in this moment,
results will be shown as they're generated.
Compact Compact
Print results Print results
Your file has expired or does not exists.
Service is stopped in this moments, your file is waiting to be scanned (position: ) for an undefined time.
You can wait for web response (automatic reload) or type your email in the form below and click "request" so the system sends you a notification when the scan is finished.
Email:
Antivirus Version Last Update Result
a-squared 5.0.0.26 2010.06.09 -
AhnLab-V3 2010.06.10.00 2010.06.10 -
AntiVir 8.2.2.6 2010.06.09 -
Antiy-AVL 2.0.3.7 2010.06.08 -
Authentium 5.2.0.5 2010.06.10 -
Avast 4.8.1351.0 2010.06.09 -
Avast5 5.0.332.0 2010.06.09 -
AVG 9.0.0.787 2010.06.09 -
BitDefender 7.2 2010.06.10 -
CAT-QuickHeal 10.00 2010.06.09 -
ClamAV 0.96.0.3-git 2010.06.09 -
Comodo 5044 2010.06.09 -
DrWeb 5.0.2.03300 2010.06.10 -
eSafe 7.0.17.0 2010.06.09 -
eTrust-Vet 36.1.7624 2010.06.10 -
F-Prot 4.6.0.103 2010.06.09 -
F-Secure 9.0.15370.0 2010.06.10 -
Fortinet 4.1.133.0 2010.06.09 -
GData 21 2010.06.10 -
Ikarus T3.1.1.84.0 2010.06.09 -
Jiangmin 13.0.900 2010.06.09 -
Kaspersky 7.0.0.125 2010.06.09 -
McAfee 5.400.0.1158 2010.06.10 -
McAfee-GW-Edition 2010.1 2010.06.09 -
Microsoft 1.5802 2010.06.09 -
NOD32 5185 2010.06.09 -
Norman 6.04.12 2010.06.09 -
nProtect 2010-06-09.02 2010.06.09 -
Panda 10.0.2.7 2010.06.08 -
PCTools 7.0.3.5 2010.06.10 -
Prevx 3.0 2010.06.10 -
Rising 22.51.02.03 2010.06.09 -
Sophos 4.54.0 2010.06.10 -
Sunbelt 6427 2010.06.10 -
Symantec 20101.1.0.89 2010.06.09 -
TheHacker 6.5.2.0.295 2010.06.08 -
TrendMicro 9.120.0.1004 2010.06.09 -
TrendMicro-HouseCall 9.120.0.1004 2010.06.10 -
VBA32 3.12.12.5 2010.06.09 -
ViRobot 2010.6.9.2346 2010.06.09 Adware.SpyFerret.R.48640
VirusBuster 5.0.27.0 2010.06.09 -
Additional information
File size: 48640 bytes
MD5...: 65fd7ea79f626f7b57f4d6ced6339f32
SHA1..: 866057a7b43c7d8cbc940bdb5d3f981e90c766bd
SHA256: df94491ba2793da99a2431591f317c67150d22e2530a9d34d5f427ad854fccf4
ssdeep: 768:fx2vBbnGaxz3I1pc8APF5AkQejBa5VlnaaroGUGQQP86pxl6N93+:aBbXz4L
c8APF5RQI05ONGUGRON93
PEiD..: -
PEInfo: PE Structure information
( base data )
entrypointaddress.: 0x1000
timedatestamp.....: 0x3c407b08 (Sat Jan 12 18:06:00 2002)
machinetype.......: 0x14c (I386)
( 7 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x8000 0x7600 6.58 8558c7cd93244de2db100e05b0f62e21
.data 0x9000 0x6000 0x2600 4.78 df74a9ef4ed005ce2b9a3dbf3590410c
.tls 0xf000 0x1000 0x200 7.56 6dc5e9f680f898766f95b3772be45afa
.idata 0x10000 0x1000 0x600 4.21 03687ef20fd86b905fd9b48e039f7963
.edata 0x11000 0x1000 0x200 2.15 bab4bd510e904028091b14b2b3bd197a
.rsrc 0x12000 0x1000 0xa00 3.74 3d2d5690d8a991e3b301369919edbdcb
.reloc 0x13000 0x1000 0x800 6.49 ae41c1542e3e8af842d30f2ded308dd4
( 2 imports )
> KERNEL32.DLL: CloseHandle, CreateFileA, EnterCriticalSection, ExitProcess, FreeEnvironmentStringsA, GetACP, GetCPInfo, GetCurrentThreadId, GetEnvironmentStrings, GetFileType, GetLastError, GetLocalTime, GetModuleFileNameA, GetModuleHandleA, GetOEMCP, GetProcAddress, GetProcessHeap, GetStartupInfoA, GetStdHandle, GetStringTypeW, GetVersion, GetVersionExA, GlobalMemoryStatus, HeapAlloc, HeapFree, InitializeCriticalSection, LeaveCriticalSection, LoadLibraryA, RaiseException, RtlUnwind, SetConsoleCtrlHandler, SetFilePointer, SetHandleCount, TlsAlloc, TlsFree, TlsGetValue, TlsSetValue, UnhandledExceptionFilter, VirtualAlloc, VirtualFree, VirtualQuery, WriteFile
> USER32.DLL: EnumThreadWindows, MessageBoxA, wsprintfA
( 6 exports )
ChannelRead, ChannelWrite, DescWrite, ServiceClose, ServiceShow, ___CPPdebugHook
RDS...: NSRL Reference Data Set
-
trid..: Win32 Dynamic Link Library - Borland C/C++ (91.6%)
Win32 Executable Generic (3.5%)
Win32 Dynamic Link Library (generic) (3.1%)
Generic Win/DOS Executable (0.8%)
DOS Executable Generic (0.8%)
pdfid.: -
sigcheck:
publisher....: CEXX Labs - www.cexx.org
copyright....: CEXX Labs _ Mike Dombrowski
product......: CEXX.ORG Spyware Condom (CYDOOR-Compatible)
description..: DLL (GUI)
original name: project1.dll
internal name: ProjectOne
file version.: 1.0.0.0
comments.....: _For that EXTRA comfort and protection._
signers......: -
signing date.: -
verified.....: Unsigned[b]