[WintryElf]

I can access virustotal.com. However, mysteriously, I did not need to reset the modem. I was about to go do it, tried again to see if I was sure and it worked. My apologies, it wasn't working before, but now it is and I don't know why. Would you still like me to reset my router, or not?

Edited by WintryElf, 28 May 2010 - 10:39 PM.

[Advertisements]

Hi,

how is your PC doing now? Do you have any other issues currently? Please upload the file directly, if you have access now. There's no need to reset the router, but it won't harm either if you decide to do it anyways.

regards myrti

[myrti]

Hi,

how is your PC doing now? Do you have any other issues currently? Please upload the file directly, if you have access now. There's no need to reset the router, but it won't harm either if you decide to do it anyways.

regards myrti

[WintryElf]

My PC is doing great! Much better than before, I'm very happy with how it's running.

I'll upload the files now.

EDIT: The XDva files are not in my System32 folder. Which file were you referring to?

Edited by WintryElf, 30 May 2010 - 06:58 PM.

[myrti]

Hi,

yeah, it seems as if the files might be missing. Can you please upload this file instead:
C:\Windows\System32\ws2_32.dll

regards myrti

[WintryElf]

File ws2_32.dll received on 2010.06.03 03:34:24 (UTC)
Current status: Loading ... queued waiting scanning finished NOT FOUND STOPPED
Result: 0/41 (0%)
Loading server information...
Your file is queued in position: ___.
Estimated start time is between ___ and ___ .
Do not close the window until scan is complete.
The scanner that was processing your file is stopped at this moment, we are going to wait a few seconds to try to recover your result.
If you are waiting for more than five minutes you have to resend your file.
Your file is being scanned by VirusTotal in this moment,
results will be shown as they're generated.
Compact Compact
Print results Print results
Your file has expired or does not exists.
Service is stopped in this moments, your file is waiting to be scanned (position: ) for an undefined time.

You can wait for web response (automatic reload) or type your email in the form below and click "request" so the system sends you a notification when the scan is finished.
Email:

Antivirus Version Last Update Result
a-squared 5.0.0.26 2010.06.03 -
AhnLab-V3 2010.06.03.01 2010.06.02 -
AntiVir 8.2.2.4 2010.06.02 -
Antiy-AVL 2.0.3.7 2010.06.02 -
Authentium 5.2.0.5 2010.06.03 -
Avast 4.8.1351.0 2010.06.02 -
Avast5 5.0.332.0 2010.06.02 -
AVG 9.0.0.787 2010.06.02 -
BitDefender 7.2 2010.06.03 -
CAT-QuickHeal 10.00 2010.06.02 -
ClamAV 0.96.0.3-git 2010.06.03 -
Comodo 4980 2010.06.01 -
DrWeb 5.0.2.03300 2010.06.02 -
eSafe 7.0.17.0 2010.06.01 -
eTrust-Vet 35.2.7526 2010.06.02 -
F-Prot 4.6.0.103 2010.06.03 -
F-Secure 9.0.15370.0 2010.06.02 -
Fortinet 4.1.133.0 2010.06.02 -
GData 21 2010.06.03 -
Ikarus T3.1.1.84.0 2010.06.03 -
Jiangmin 13.0.900 2010.06.02 -
Kaspersky 7.0.0.125 2010.06.02 -
McAfee 5.400.0.1158 2010.06.03 -
McAfee-GW-Edition 2010.1 2010.06.02 -
Microsoft 1.5802 2010.06.02 -
NOD32 5167 2010.06.02 -
Norman 6.04.12 2010.06.02 -
nProtect 2010-06-02.01 2010.06.02 -
Panda 10.0.2.7 2010.06.02 -
PCTools 7.0.3.5 2010.06.03 -
Prevx 3.0 2010.06.03 -
Rising 22.50.03.01 2010.06.03 -
Sophos 4.53.0 2010.06.03 -
Sunbelt 6397 2010.06.03 -
Symantec 20101.1.0.89 2010.06.03 -
TheHacker 6.5.2.0.292 2010.06.03 -
TrendMicro 9.120.0.1004 2010.06.02 -
TrendMicro-HouseCall 9.120.0.1004 2010.06.03 -
VBA32 3.12.12.5 2010.06.02 -
ViRobot 2010.6.1.2333 2010.06.02 -
VirusBuster 5.0.27.0 2010.06.02 -
Additional information
File size: 179200 bytes
MD5...: b304d47d5744ba20fcb99fb8b2c07b0b
SHA1..: 40ff7bde32ce0e5f5e0fb4283f8c65b66f72b13f
SHA256: 16aad9264cab5b5489e2cf8f118132ea46fe9066b4c4320c0259be88ebd111c8
ssdeep: 3072:x3HvZMUw4WOy04HNF4gHTfGimd40QFW+eIpqPvbG8plrjk/Nj11:t2UTa04
7rGimd4057G8p1k/Nj1
PEiD..: -
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x1434
timedatestamp.....: 0x4791a798 (Sat Jan 19 07:32:40 2008)
machinetype.......: 0x14c (I386)

( 4 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x23e0b 0x24000 6.53 fb1ec7d791831e78feb564120f1e026b
.data 0x25000 0xe2c 0xe00 4.51 ace438accfaf763efa64fccc40f5d733
.rsrc 0x26000 0x4e50 0x5000 3.66 b11b749fc580f178f5322a87a0d20986
.reloc 0x2b000 0x1818 0x1a00 6.50 841c9be872a9a158368ff23898435452

( 6 imports )
> msvcrt.dll: _vsnwprintf, _vsnprintf, wcsstr, strtoul, __isascii, strchr, wcschr, _wcsnicmp, memset, atoi, fgets, fopen, fclose, _stricmp, sprintf_s, strcpy_s, towupper, isspace, wcsncmp, _XcptFilter, malloc, free, _initterm, _amsg_exit, _adjust_fdiv, _except_handler4_common, _unlock, __dllonexit, _lock, _onexit, memcpy
> ADVAPI32.dll: OpenProcessToken, IsValidSid, CopySid, GetTokenInformation, EventRegister, EventWrite, EventUnregister, GetSecurityDescriptorDacl, AllocateAndInitializeSid, FreeSid, GetLengthSid, GetAclInformation, GetAce, EqualSid, InitializeSecurityDescriptor, InitializeAcl, AddAccessDeniedAce, AddAccessAllowedAce, SetSecurityDescriptorDacl, RegGetKeySecurity, CreateServiceA, ChangeServiceConfigA, ImpersonateLoggedOnUser, RevertToSelf, OpenSCManagerA, OpenServiceA, CloseServiceHandle, StartServiceA, QueryServiceStatus, OpenThreadToken, CheckTokenMembership, TraceMessage, RegQueryValueExW, RegCreateKeyExA, RegCloseKey, RegOpenKeyExA, RegSetValueExW, RegSetValueExA, RegLoadMUIStringW, RegQueryValueExA, RegDeleteKeyA, RegEnumKeyExA, RegNotifyChangeKeyValue
> KERNEL32.dll: LocalAlloc, HeapReAlloc, lstrcmpA, InitializeCriticalSectionAndSpinCount, IsWow64Process, GetCurrentProcess, CreateEventW, GetCurrentThread, GetCurrentThreadId, DuplicateHandle, QueueUserAPC, GlobalFree, GetModuleFileNameA, GlobalAlloc, ResumeThread, GetModuleHandleA, DeviceIoControl, GetCurrentProcessId, InterlockedExchangeAdd, PulseEvent, QueryPerformanceCounter, GetSystemTimeAsFileTime, TerminateProcess, UnhandledExceptionFilter, SetUnhandledExceptionFilter, DelayLoadFailureHook, GetTickCount, SetLastError, TlsGetValue, InterlockedDecrement, GetLastError, WideCharToMultiByte, MultiByteToWideChar, InitializeCriticalSection, DeleteCriticalSection, LeaveCriticalSection, SetEvent, EnterCriticalSection, InterlockedIncrement, FreeLibraryAndExitThread, CloseHandle, WaitForSingleObject, FreeLibrary, CreateThread, GetModuleHandleExA, CreateEventA, GetProcAddress, LoadLibraryA, LoadLibraryExW, ExpandEnvironmentStringsW, lstrlenW, HeapDestroy, TlsFree, GetProcessHeap, HeapCreate, GetSystemInfo, TlsAlloc, SwitchToThread, LocalFree, GetCommandLineW, GetModuleFileNameW, InterlockedExchange, LoadLibraryW, GetHandleInformation, TlsSetValue, ResetEvent, WaitForMultipleObjectsEx, GetWindowsDirectoryA, GetSystemDirectoryA, ExpandEnvironmentStringsA, GetVersionExA, GetComputerNameA, GetEnvironmentVariableA, HeapFree, HeapAlloc, InterlockedCompareExchange, lstrlenA, Sleep
> ntdll.dll: RtlGetNtProductType, NtOpenFile, NtQueryDirectoryFile, NtCreateNamedPipeFile, NtFsControlFile, NtWaitForSingleObject, NtCreateFile, RtlNtStatusToDosError, RtlImpersonateSelf, RtlAdjustPrivilege, NtLoadDriver, NtDeviceIoControlFile, NtClose, NtDelayExecution, RtlCompareMemory, RtlIpv6StringToAddressExW, RtlIpv6AddressToStringExW, RtlIpv4AddressToStringExW, RtlIpv6AddressToStringExA, RtlIpv4AddressToStringExA, RtlIpv6StringToAddressW, RtlIpv4StringToAddressW, RtlIpv6StringToAddressA, RtlIpv4StringToAddressA, RtlInitUnicodeString
> RPCRT4.dll: RpcEpRegisterW, RpcServerInqBindings, RpcServerUseProtseqW, RpcServerUnregisterIfEx, RpcServerUnregisterIf, RpcServerRegisterIfEx, RpcServerListen, RpcRevertToSelf, RpcImpersonateClient, RpcBindingInqAuthClientW, I_RpcBindingInqTransportType, NdrAsyncServerCall, NdrServerCall2, UuidCreate, RpcBindingVectorFree, RpcBindingInqObject, RpcAsyncCompleteCall, RpcEpUnregister
> NSI.dll: NsiSetAllParameters, NsiGetParameter, NsiGetAllParameters

( 167 exports )
FreeAddrInfoEx, FreeAddrInfoExW, FreeAddrInfoW, GetAddrInfoExA, GetAddrInfoExW, GetAddrInfoW, GetNameInfoW, InetNtopW, InetPtonW, SetAddrInfoExA, SetAddrInfoExW, WEP, WPUCompleteOverlappedRequest, WSAAccept, WSAAddressToStringA, WSAAddressToStringW, WSAAdvertiseProvider, WSAAsyncGetHostByAddr, WSAAsyncGetHostByName, WSAAsyncGetProtoByName, WSAAsyncGetProtoByNumber, WSAAsyncGetServByName, WSAAsyncGetServByPort, WSAAsyncSelect, WSACancelAsyncRequest, WSACancelBlockingCall, WSACleanup, WSACloseEvent, WSAConnect, WSAConnectByList, WSAConnectByNameA, WSAConnectByNameW, WSACreateEvent, WSADuplicateSocketA, WSADuplicateSocketW, WSAEnumNameSpaceProvidersA, WSAEnumNameSpaceProvidersExA, WSAEnumNameSpaceProvidersExW, WSAEnumNameSpaceProvidersW, WSAEnumNetworkEvents, WSAEnumProtocolsA, WSAEnumProtocolsW, WSAEventSelect, WSAGetLastError, WSAGetOverlappedResult, WSAGetQOSByName, WSAGetServiceClassInfoA, WSAGetServiceClassInfoW, WSAGetServiceClassNameByClassIdA, WSAGetServiceClassNameByClassIdW, WSAHtonl, WSAHtons, WSAInstallServiceClassA, WSAInstallServiceClassW, WSAIoctl, WSAIsBlocking, WSAJoinLeaf, WSALookupServiceBeginA, WSALookupServiceBeginW, WSALookupServiceEnd, WSALookupServiceNextA, WSALookupServiceNextW, WSANSPIoctl, WSANtohl, WSANtohs, WSAPoll, WSAProviderCompleteAsyncCall, WSAProviderConfigChange, WSARecv, WSARecvDisconnect, WSARecvFrom, WSARemoveServiceClass, WSAResetEvent, WSASend, WSASendDisconnect, WSASendMsg, WSASendTo, WSASetBlockingHook, WSASetEvent, WSASetLastError, WSASetServiceA, WSASetServiceW, WSASocketA, WSASocketW, WSAStartup, WSAStringToAddressA, WSAStringToAddressW, WSAUnadvertiseProvider, WSAUnhookBlockingHook, WSAWaitForMultipleEvents, WSApSetPostRoutine, WSCDeinstallProvider, WSCEnableNSProvider, WSCEnumProtocols, WSCGetApplicationCategory, WSCGetProviderInfo, WSCGetProviderPath, WSCInstallNameSpace, WSCInstallNameSpaceEx, WSCInstallProvider, WSCInstallProviderAndChains, WSCSetApplicationCategory, WSCSetProviderInfo, WSCUnInstallNameSpace, WSCUpdateProvider, WSCWriteNameSpaceOrder, WSCWriteProviderOrder, WahCloseApcHelper, WahCloseHandleHelper, WahCloseNotificationHandleHelper, WahCloseSocketHandle, WahCloseThread, WahCompleteRequest, WahCreateHandleContextTable, WahCreateNotificationHandle, WahCreateSocketHandle, WahDestroyHandleContextTable, WahDisableNonIFSHandleSupport, WahEnableNonIFSHandleSupport, WahEnumerateHandleContexts, WahInsertHandleContext, WahNotifyAllProcesses, WahOpenApcHelper, WahOpenCurrentThread, WahOpenHandleHelper, WahOpenNotificationHandleHelper, WahQueueUserApc, WahReferenceContextByHandle, WahRemoveHandleContext, WahWaitForNotification, WahWriteLSPEvent, __WSAFDIsSet, accept, bind, closesocket, connect, freeaddrinfo, getaddrinfo, gethostbyaddr, gethostbyname, gethostname, getnameinfo, getpeername, getprotobyname, getprotobynumber, getservbyname, getservbyport, getsockname, getsockopt, htonl, htons, inet_addr, inet_ntoa, inet_ntop, inet_pton, ioctlsocket, listen, ntohl, ntohs, recv, recvfrom, select, send, sendto, setsockopt, shutdown, socket
RDS...: NSRL Reference Data Set
-
pdfid.: -
trid..: Win64 Executable Generic (59.6%)
Win32 Executable MS Visual C++ (generic) (26.2%)
Win32 Executable Generic (5.9%)
Win32 Dynamic Link Library (generic) (5.2%)
Generic Win/DOS Executable (1.3%)
sigcheck:
publisher....: Microsoft Corporation
copyright....: © Microsoft Corporation. All rights reserved.
product......: Microsoft_ Windows_ Operating System
description..: Windows Socket 2.0 32-Bit DLL
original name: ws2_32.dll
internal name: ws2_32.dll
file version.: 6.0.6001.18000 (longhorn_rtm.080118-1840)
comments.....: n/a
signers......: -
signing date.: -
verified.....: Unsigned

[myrti]

Hi,

how is your PC doing? Still great?

I would like to run a scan with Eset to check for possible leftovers:

• Hold down Control and click on the following link to open ESET OnlineScan in a new window.
  ESET OnlineScan
• Click the button.
• For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Click on to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the icon on your desktop.
• Check
• Click the button.
• Accept any security warnings from your browser.
• Check
• Push the Start button.
• ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
• When the scan completes, push
• Push , and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
• Push the button.
• Push

regards myrti

[WintryElf]

Hi, I'm sorry, I actually forgot about this thread for a day or two because of how well my PC was running.
Running ESET now.

[myrti]

Hi,

I'm still waiting on the log from Eset. Was it clean?

regards myrti

[myrti]

Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.