Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Help! [RESOLVED]


  • This topic is locked This topic is locked

#31
Excal

Excal

    Malware Slayer Extraordinaire!

  • Retired Staff
  • 12,739 posts
Ok, those are files they can't get at becuase their in quarantine in your anti-spyware/virus programs (you should clean those out :))


I am interested in these though:

Mon Aug 22 19:22:21 2005 => Total Virus(es) Found: 5


Thanks,

:tazz:

Excal
  • 0

Advertisements


#32
lannie

lannie

    Member

  • Topic Starter
  • Member
  • PipPip
  • 54 posts
Will clear out Spybot S&D! The virus stuff I posted previously, here it is again. RegSeeker still finding stuff!! :tazz: Have seen this alot: cpbrkpie.ocx - is it anything??
Thanks

File C:\Program Files\Support.com\backup\B4\B44AC5F3d01\859817_5a9917a61_ infected by "Backdoor.Win32.IRC.Zapchast" Virus! Action Taken: No Action Taken.
Object "bearshare Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "funwebproducts Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "Unknown Toolbar Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "WeatherBug Spyware/Adware" found in File System! Action Taken: No Action Taken.

Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\ModuleUsage" refers to invalid object "C:\WINDOWS\cpbrkpie.ocx". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\ModuleUsage" refers to invalid object "C:\WINDOWS\Downloaded Program Files\ActiveData.dll". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\ModuleUsage" refers to invalid object "C:\WINDOWS\Downloaded Program Files\asinst.dll". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\ModuleUsage" refers to invalid object "C:\WINDOWS\Downloaded Program Files\avsniff.dll". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\ModuleUsage" refers to invalid object "C:\WINDOWS\Downloaded Program Files\CONFLICT.1\asinst.dll". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\ModuleUsage" refers to invalid object "C:\WINDOWS\Downloaded Program Files\CONFLICT.1\ppctl.dll". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\ModuleUsage" refers to invalid object "C:\WINDOWS\Downloaded Program Files\GrooveAX.dll". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\ModuleUsage" refers to invalid object "C:\WINDOWS\Downloaded Program Files\ieatgpc.dll". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\ModuleUsage" refers to invalid object "C:\WINDOWS\Downloaded Program Files\IEAWSDC.DLL". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\ModuleUsage" refers to invalid object "C:\WINDOWS\Downloaded Program Files\MSNChat45.ocx". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\ModuleUsage" refers to invalid object "C:\WINDOWS\Downloaded Program Files\msvcr71.dll". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\ModuleUsage" refers to invalid object "C:\WINDOWS\Downloaded Program Files\navapi.vxd". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\ModuleUsage" refers to invalid object "C:\WINDOWS\Downloaded Program Files\navapi32.dll". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\ModuleUsage" refers to invalid object "C:\WINDOWS\Downloaded Program Files\OTXMedia.dll". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\ModuleUsage" refers to invalid object "C:\WINDOWS\Downloaded Program Files\popcaploader.dll". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\ModuleUsage" refers to invalid object "C:\WINDOWS\Downloaded Program Files\ppctl.dll". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\ModuleUsage" refers to invalid object "C:\WINDOWS\Downloaded Program Files\PPSDKActiveXScanner.ocx". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\ModuleUsage" refers to invalid object "C:\WINDOWS\Downloaded Program Files\Preloader.dll". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\ModuleUsage" refers to invalid object "C:\WINDOWS\Downloaded Program Files\rufsi.dll". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\ModuleUsage" refers to invalid object "C:\WINDOWS\Downloaded Program Files\spweng.dll". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\ModuleUsage" refers to invalid object "C:\WINDOWS\Downloaded Program Files\SpyWareKillerBKGD.jpg". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\ModuleUsage" refers to invalid object "C:\WINDOWS\Downloaded Program Files\swksig.dat". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\ModuleUsage" refers to invalid object "C:\WINDOWS\Downloaded Program Files\SymAData.dll". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\ModuleUsage" refers to invalid object "C:\WINDOWS\Downloaded Program Files\tgctlcm.dll". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\ModuleUsage" refers to invalid object "C:\WINDOWS\Downloaded Program Files\WebAAS.dll". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\ModuleUsage" refers to invalid object "C:\WINDOWS\Downloaded Program Files\WONWebLauncherControl.ocx". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\ModuleUsage" refers to invalid object "C:\WINDOWS\Downloaded Program Files\WSDownloader.ocx". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\ModuleUsage" refers to invalid object "C:\WINDOWS\Downloaded Program Files\xscan53.ocx". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\ModuleUsage" refers to invalid object "C:\WINDOWS\Downloaded Program Files\xscan60.ocx". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\ModuleUsage" refers to invalid object "C:\WINDOWS\RMAgentOutput.dll". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINDOWS\RMAgentOutput.dll". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINDOWS\Downloaded Program Files\xscan60.ocx". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINDOWS\Downloaded Program Files\rufsi.dll". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINDOWS\Downloaded Program Files\CONFLICT.1\asinst.dll". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Program Files\Hewlett-Packard\Digital Imaging\{7C8BB31C-E09E-4c7d-BBF1-45E33B467FE1}\Drivers\Scanner\hpqgends.tmp". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{2BC66F51-93A8-11D3-BEB6-00105AA9B6AE}" refers to invalid object "C:\WINDOWS\Downloaded Program Files\avsniff.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{88E729D6-BDC1-11D1-BD2A-00C04FB9603F}" refers to invalid object "fde.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{95EA6620-7E55-4D56-83CF-AB0BACF59C52}" refers to invalid object "C:\WINDOWS\DOWNLO~1\xscan60.ocx". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7}" refers to invalid object "c:\program files\google\googletoolbar1.dll__BHODemonDisabled". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{C2FCEF4E-ACE9-11D3-BEBD-00105AA9B6AE}" refers to invalid object "C:\WINDOWS\Downloaded Program Files\rufsi.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{C2FCEF52-ACE9-11D3-BEBD-00105AA9B6AE}" refers to invalid object "C:\WINDOWS\Downloaded Program Files\rufsi.dll". Action Taken: No Action Taken.
Entry "HKCR\TypeLib\{2BC66F43-93A8-11D3-BEB6-00105AA9B6AE}" refers to invalid object "C:\WINDOWS\Downloaded Program Files\avsniff.dll". Action Taken: No Action Taken.
Entry "HKCR\TypeLib\{4387D200-E98E-4194-9684-44783E8EB4EE}" refers to invalid object "C:\WINDOWS\Downloaded Program Files\CONFLICT.1\asinst.dll". Action Taken: No Action Taken.
Entry "HKCR\TypeLib\{56815A80-D921-454E-9484-5B7961DA9040}" refers to invalid object "C:\WINDOWS\Downloaded Program Files\xscan60.ocx". Action Taken: No Action Taken.
Entry "HKCR\TypeLib\{C2FCEF41-ACE9-11D3-BEBD-00105AA9B6AE}" refers to invalid object "C:\WINDOWS\Downloaded Program Files\rufsi.dll". Action Taken: No Action Taken.
Entry "HKCR\TypeLib\{FCE18140-B12B-11D0-B06A-00AA0060271A}" refers to invalid object "E:\msppt8vr.olb". Action Taken: No Action Taken.
Entry "HKCR\ActiveScan_Installer" refers to invalid object "{9A9307A0-7DA4-4DAF-B042-5009F29E09E1}". Action Taken: No Action Taken.
Entry "HKCR\ActiveScan_Installer.1" refers to invalid object "{9A9307A0-7DA4-4DAF-B042-5009F29E09E1}". Action Taken: No Action Taken.
Entry "HKCR\RuFSI.SymUtility" refers to invalid object "{644E432F-49D3-41a1-8DD5-E099162EEEC5}". Action Taken: No Action Taken.
Entry "HKCR\RuFSI.SymUtility.1" refers to invalid object "{644E432F-49D3-41a1-8DD5-E099162EEEC5}". Action Taken: No Action Taken.
Entry "HKCR\Symantec.NavSniff" refers to invalid object "{2BC66F54-93A8-11D3-BEB6-00105AA9B6AE}". Action Taken: No Action Taken.
Entry "HKCR\Symantec.NavSniff.1" refers to invalid object "{2BC66F54-93A8-11D3-BEB6-00105AA9B6AE}". Action Taken: No Action Taken.
Entry "HKCR\XSCAN.XscanCtrl.1" refers to invalid object "{04E214E5-63AF-4236-83C6-A7ADCBF9BD02}". Action Taken: No Action Taken.
File C:\Program Files\Support.com\backup\B4\B44AC5F3d01\859817_5a9917a61_ infected by "Backdoor.Win32.IRC.Zapchast" Virus! Action Taken: No Action Taken.

Edited by lannie, 22 August 2005 - 09:51 PM.

  • 0

#33
Excal

Excal

    Malware Slayer Extraordinaire!

  • Retired Staff
  • 12,739 posts
You can delete C:\WINDOWS\cpbrkpie.ocx

I would do a reg search for these entries:

bearshare
funwebproducts.
Unknown Toolbar
WeatherBug



Excal
  • 0

#34
lannie

lannie

    Member

  • Topic Starter
  • Member
  • PipPip
  • 54 posts
I have weather bug (and I really like it...heard it isn't bad...does it have to go :tazz: ?? Will search for the rest.
thanks!!

Edited by lannie, 22 August 2005 - 10:50 PM.

  • 0

#35
lannie

lannie

    Member

  • Topic Starter
  • Member
  • PipPip
  • 54 posts
found funwebproducts - lots in the folder - should I delete?? Can Weather Bug stay? Found: no bearshare. no unknown toolbar.(Reg Search) cpbrkpie.ocx does not show in a regular search or in Explorer. Is there another way to find. (Reg Search?)

Edited by lannie, 22 August 2005 - 10:53 PM.

  • 0

#36
Excal

Excal

    Malware Slayer Extraordinaire!

  • Retired Staff
  • 12,739 posts
Delete Funweb!

Weatherbug doesn't have to go, it used to be bad, now its not suppose to be.


Just so you know, these Reg Entries are harmless with out the files, its just adds up to be annoying when they are found by the anti-spyware/virus scanners.


Excal
  • 0

#37
lannie

lannie

    Member

  • Topic Starter
  • Member
  • PipPip
  • 54 posts
Deleted Funwebproducts! Still removing junk with Regseeker. Things are looking better! You have been a great help. Should I keep looking for cpbrkpie.ocx? Googled it and it seems like it is a problem.

Thanks!
Lannie
  • 0

#38
Excal

Excal

    Malware Slayer Extraordinaire!

  • Retired Staff
  • 12,739 posts
bad file but its an orphaned entry.

I would worry if u cant find it.


Excal
  • 0

#39
lannie

lannie

    Member

  • Topic Starter
  • Member
  • PipPip
  • 54 posts
Found cpbrkpie.ocx, but don't know what to do. Did a Registry search and found it inside of: HKEY current user/software/microsoft/search assistant/ACMru/...and then inside folder 5603 (when open 5603 is open it shows (in the list to the right): default (value not set), 000 (cpbrkpie.ocx), 001 (cpbrkpie), and 002 (cpbrkpie.ocx).

Now what?! :tazz: Do I delete the whole 5603 folder. Or do I need some of it?

Thanks!

Edited by lannie, 23 August 2005 - 06:12 AM.

  • 0

#40
Excal

Excal

    Malware Slayer Extraordinaire!

  • Retired Staff
  • 12,739 posts
Hi :tazz:

I confired with one of out experts to confirmed what i thought and this is what they said

"that reg entry is harmless, it will come back all the time, that's normal"


Jotti File Submission:
  • Please go to Jotti's malware scan
  • Copy and paste the following file path into the "File to upload & scan"box on the top of the page:
    • C:\WINDOWS\cpbrkpie.ocx
  • Click on the submit button
  • Please post the results in your next reply.

  • 0

Advertisements


#41
lannie

lannie

    Member

  • Topic Starter
  • Member
  • PipPip
  • 54 posts
Followed your instructions. Here are the results. (Still getting pop-ups on Mozilla - even with the pop-ups disabled feature) Not as many, but still from the same to places. Thanks for all the help. I am totally lost!

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<meta name="GENERATOR" content="A pair of hands, a set of brains and a texteditor. FROTPAGE SUX!">
<meta http-equiv="Content-Type" content="text/html">
<link rel="shortcut icon" href="favicon.ico" type="image/x-icon">
<link rel="stylesheet" HREF="style.css">
<title>Online malware scan</title>
<script language="javascript" type="text/javascript">
function set_pleasewait()
{
document.getElementById("status").innerHTML='Uploading file, please wait...';
}

function faq_read()
{
var faqread=window.confirm('Did you read the Frequently Asked Questions first?');
if (faqread)
{
document.location.href='mailto:jotti@jotti.org?subject=Your online malware scan service';
} else
{
window.open('docs/FAQ', 'FAQ', 'width=800,height=400,scrollbars=1');
}
}

</script>

</head>
<body>
<table border="0" cellpadding="2" cellspacing="2" class="servicetable" width="90%">
<tr>
<td colspan="2" align="center">
<div class="columnheader">
Jotti's malware scan 2.99-TRANSITION_TO_3.00
</div>
<div id="javascriptwarning">

Warning: you seem to have javascript disabled. This is necessary for the display of results.
</div>
<script language="javascript" type="text/javascript">document.getElementById('javascriptwarning').innerHTML='';</script>
</td>
</tr>
<tr>
<td width="250">
File to upload &amp; scan:
<img src="images/virus.gif" border="0" alt="Virus">

</td>
<td>
<form enctype="MULTIPART/FORM-DATA" action="" method="POST" onsubmit="set_pleasewait()">
<input type="HIDDEN" name="MAX_FILE_SIZE" value="15242880">
<input type="FILE" name="scanfile" value="Browse...">
<input type="SUBMIT" value="Submit">
&nbsp;&nbsp;&nbsp;<a href="http://virusscan.jotti.org/de" title="Auf Deutsch"><img src="images/de.png" border="0" alt=""></a>
</form>
</td>

</tr>
<tr>
<td align="center" colspan="2">
<div class="columnheader">
Service
</div>
</td>
</tr>
<tr>

<td align="right" class="resultcell">
Service load:
</td>
<td align="left" nowrap class="resultcell">
<table border="0" class="table" cellspacing="0" cellpadding="0">
<tr class="load">
<td>
0%
</td>
<td width="200" class="loadcolorheavy loadleft">

&nbsp;
</td>
<td width="0" class="loadright">
&nbsp;
</td>
<td>
100%
</td>
</tr>

</table>
</td>
</tr>


<tr>
<td align="right" class="resultcell">
Status:
</td>
<td class="resultcell" width="800">

<div id="status">Ready for upload</div>


</td>
</tr>


<tr>
<td align="center" colspan="2" valign="middle">
<div class="columnheader">
Powered by
</div>
</td>
</tr>

<tr>
<td colspan="2" align="center">

<a href="http://www.antivir.de/en/" target="_blank"><img src="images/antivir.png" border="0" height="35" alt="images/antivir.png"></a>

<a href="http://www.arcabit.com" target="_blank"><img src="images/arcabit.png" border="0" height="35" alt="images/arcabit.png"></a>

<a href="http://www.avast.com/" target="_blank"><img src="images/avast.png" border="0" height="35" alt="images/avast.png"></a>

<a href="http://www.grisoft.com" target="_blank"><img src="images/avg.gif" border="0" height="35" alt="images/avg.gif"></a>

<a href="http://www.bitdefender.com" target="_blank"><img src="images/bitdefender.png" border="0" height="35" alt="images/bitdefender.png"></a>

<a href="http://www.clamav.net" target="_blank"><img src="images/clamav-logo1.png" border="0" height="35" alt="images/clamav-logo1.png"></a>

<a href="http://www.drweb.com" target="_blank"><img src="images/drweb.gif" border="0" height="35" alt="images/drweb.gif"></a>


<a href="http://www.f-prot.com" target="_blank"><img src="images/f-prot.png" border="0" height="35" alt="images/f-prot.png"></a>

<a href="http://www.fortinet.com" target="_blank"><img src="images/fortinet.gif" border="0" height="35" alt="images/fortinet.gif"></a>

<a href="http://www.kaspersky.com" target="_blank"><img src="images/kaspersky.png" border="0" height="35" alt="images/kaspersky.png"></a>

<a href="http://www.nod32.com" target="_blank"><img src="images/nod32.gif" border="0" height="35" alt="images/nod32.gif"></a>

<a href="http://www.norman.com" target="_blank"><img src="images/norman.png" border="0" height="35" alt="images/norman.png"></a>

<a href="http://www2.una.ua/index_e.html" target="_blank"><img src="images/una_logo.jpg" border="0" height="35" alt="images/una_logo.jpg"></a>

<a href="http://www.anti-virus.by/en" target="_blank"><img src="images/vba32.png" border="0" height="35" alt="images/vba32.png"></a>

</td>
</tr>

<tr>
<td colspan="2" align="center">
<div class="columnheader">
Disclaimer
</div>
</td>
</tr>
<tr>
<td colspan="2" class="disclaimer">

This service is by no means 100% safe. If this scanner says 'OK', it does not necessarily
mean the file is clean. There could be a whole new virus on the loose. <b>NEVER EVER</b>
rely on one single product only, not even this service, even though it utilizes several
products.
Therefore, I cannot and will not be held responsible for any damage caused by results
presented by this non-profit online service.
<br><br>
Also, I am aware of the implications of a setup like this. I am sure this whole thing
is by no means scientifically correct, since this is a fully automated service (although
manual correction is possible).
I am aware, in spite of efforts to proactively counter these, false positives might occur,
for example. I do not consider this a very big
issue, so please do not e-mail me about it. This is a simple online scan service, not the
university of Wichita.
<br><br>
Scanning can take a while, since several scanners are being used, plus
the fact some scanners use very high levels of (time consuming) heuristics. Scanners used
are Linux versions, differences with Windows scanners may or may not occur.
Another note: some scanners will only report one virus
when scanning archives with multiple pieces of malware.<br><br>
Virus definitions are updated every hour. There is a 15Mb limit per file. Please refrain from
uploading tons of hex-edited or repacked variants of the same sample.
<br><br>
Please do not ask for viruses uploaded here, unless you work for an anti-virus vendor.
They are not for trade. This is a legitimate service, not a VX site.
Viruses uploaded here will be distributed to antivirus vendors without exception.
<br><br>

Sponsored by donations (in random order) from:
Stormbyte Technologies LLC,
The ClamAV project,
James Love,
Gideon Pertzov,
Malcolm Murray,
Nigel Thomas,
Wendy Dickerson,
Anthony Midmore,
"ethereal",
Mark Rubins,
Steve S.,
Eric Johansen,
Eric Schechter,
Paul Bokel,
Wilders Security,
Wilfried Lilie,
Prevx,
SonicWALL,
and some people who prefer to remain anonymous... many thanks to all!
</td>
</tr>

<tr>
<td valign="top">

</td>
<td align="right">

<script type="text/javascript"><!--
google_ad_client = "pub-5174570257921396";
google_ad_width = 468;
google_ad_height = 60;
google_ad_format = "468x60_as";
google_ad_type = "text";
google_ad_channel ="";
google_color_border = "CCCCCC";
google_color_bg = "FFFFFF";
google_color_link = "000000";
google_color_url = "666666";
google_color_text = "333333";
//--></script>
<script type="text/javascript"
src="http://pagead2.googl...d/show_ads.js">
</script>

</td>

</tr>
<tr>
<td align="center" colspan="2">
<div class="columnheader">
Statistics
</div>
</td>
</tr>
<tr>

<td colspan="2">
Last file scanned at least one scanner reported something about: downloadaccelerator.rar, detected by:<BR><BR>
<table class="servicetable" cellpadding="2">
<tr>
<td class="resultheader resultcell">
Scanner
</td>
<td align="center" class="resultheader resultcell">
Malware name
</td>

</tr>

<tr>
<td class="resultcell">
AntiVir
</td>
<td align="center" class="resultcell">
<font color="red">X</font>
</td>
</tr>


<tr>
<td class="resultcell">
ArcaVir
</td>
<td align="center" class="resultcell">
<font color="red">X</font>
</td>
</tr>

<tr>

<td class="resultcell">
Avast
</td>
<td align="center" class="resultcell">
<font color="red">X</font>
</td>
</tr>

<tr>
<td class="resultcell">

AVG Antivirus
</td>
<td align="center" class="resultcell">
<font color="red">X</font>
</td>
</tr>

<tr>
<td class="resultcell">
BitDefender
</td>

<td align="center" class="resultcell">
<font color="red">X</font>
</td>
</tr>

<tr>
<td class="resultcell">
ClamAV
</td>
<td align="center" class="resultcell">

<font color="red">X</font>
</td>
</tr>

<tr>
<td class="resultcell">
Dr.Web
</td>
<td align="center" class="resultcell">
<font color="red">X</font>

</td>
</tr>

<tr>
<td class="resultcell">
F-Prot Antivirus
</td>
<td align="center" class="resultcell">
<font color="red">X</font>
</td>

</tr>

<tr>
<td class="resultcell">
Fortinet
</td>
<td align="center" class="resultcell">
W32/Tiot.A
</td>
</tr>

<tr>

<td class="resultcell">
Kaspersky Anti-Virus
</td>
<td align="center" class="resultcell">
not-a-virus:AdWare.BHO.Dap.b
</td>
</tr>

<tr>
<td class="resultcell">
NOD32
</td>

<td align="center" class="resultcell">
<font color="red">X</font>
</td>
</tr>

<tr>
<td class="resultcell">
Norman Virus Control
</td>
<td align="center" class="resultcell">

<font color="red">X</font>
</td>
</tr>

<tr>
<td class="resultcell">
UNA
</td>
<td align="center" class="resultcell">
Adware.BHO.Dap
</td>

</tr>

<tr>
<td class="resultcell">
VBA32
</td>
<td align="center" class="resultcell">
AdWare.BHO.Dap.b
</td>
</tr>

</table>

<br><br>

You're free to (mis)interpret these automated, flawed statistics at your own discretion.<br><br>
</td>
</tr>



</table>
<br><br>
<center>

<a class="servicelink" target="_blank" href="docs/FAQ">Frequently asked questions</a> - <a class="servicelink" href="javascript:void(0)" onclick="faq_read()">Feedback</a><br><br>
<a href="http://www.debian.org" target="_blank"><img src="images/debian.gif" border="0" alt="Debian"></a>
&nbsp;&nbsp;&nbsp;
<a href="http://validator.w3..../check/referer" target="_blank"><img src="images/valid-html401.gif" border="0" alt="Valid HTML 4.01!"></a><br><br>
Page generated by <a class="servicelink" target="_blank" href="http://www.jotti.org...TPL</a><br><br>
Copyright &copy; 2004-2005 Jordi Bosveld &lt;jotti@jotti.org&gt;

</center>
</body>
</html>
  • 0

#42
lannie

lannie

    Member

  • Topic Starter
  • Member
  • PipPip
  • 54 posts
I am not sure if what I posted is what you want. It seemed very long. That was thru Mozilla. Using IE and the same instructions I received this message: The file you uploaded is 0 bytes. It is very likely a firewall or a piece of malware is prohibiting you from uploading this file. :tazz: Hope this is clear.
Lannie
  • 0

#43
Excal

Excal

    Malware Slayer Extraordinaire!

  • Retired Staff
  • 12,739 posts
Lets try another scanner

http://www.kaspersky.com/homeuser

Download the 30 day free trial of kaspersky Anti-Virus personal 5.0

Install and update it.

Then boot to safe mode and run the scanner and see what it finds.


Thanks,

:tazz:

Excal
  • 0

#44
lannie

lannie

    Member

  • Topic Starter
  • Member
  • PipPip
  • 54 posts
Tried to download the trial program, but when I registered the link only takes me to a non-English site. Can't even tell what program I am looking for. No English at all! Any more suggestions? :tazz:
Thanks
  • 0

#45
lannie

lannie

    Member

  • Topic Starter
  • Member
  • PipPip
  • 54 posts
Here is the link I am directed to - I am having no luck get the trial program: http://d-us-1h.kaspe..._personalen.exe

Lannie :tazz:
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP