WholeFunShow

Strongly suspected false positive. BlueSoleil/Veho

I had a problem submitting through the form on this site, so excuse me if I over-elaborate here.

I got a BlueSoleil (a Bluetooth stack company) install CD with a Bluetooth dongle from Veho (I think the only one they make: "VB-5881 Micro Bluetooth Dongle"), the contents of which are available at their support/download page here: http://www.veho-uk.com/main/downloads.aspx under Drivers and Software > 1) Bluetooth Dongles > VB-5881 Micro Bluetooth Dongle > VB-5881.zip.

I unarchived it, clicked Autorun and selected the XP install. This creates three suspicious-looking .exe files in the install folder: BlueSoleil.exe, BlueSoleil_.exe and BlueSoleil__.exe, and the one with two underscores gets quarantined as Trojan. I tried to submit it here but get informed "You aren't permitted to upload this kind of file".

My ESET marks it (and everything) as clean, and VirusTotal.com lists 4/43 tagging it trojan. Thanks.

Log:


Logfile created: 08/05/2012 00:57:38
Ad-Aware version: 9.6.0
Extended engine: 3
Extended engine version: 3.1.2770
User performing scan: Aidan

*********************** Definitions database information ***********************
Lavasoft definition file: 150.827
Genotype definition file version: 2012/02/13 12:34:34
Extended engine definition file: 11889.0

******************************** Scan results: *********************************
Scan profile name: Context menu scan (ID: contextmenuscan)
Objects scanned: 3
Objects detected: 1


Type Detected
==========================
Processes.......: 0
Registry entries: 0
Hostfile entries: 0
Files...........: 1
Folders.........: 0
LSPs............: 0
Cookies.........: 0
Browser hijacks.: 0
MRU objects.....: 0



Quarantined items:
Description: d:\program files\ivt corporation\bluesoleil\bluesoleil__.exe Family Name: Trojan.Win32.Generic!BT Engine: 3 Clean status: Success Item ID: 1 Family ID: 0 MD5: e74031cde24cf2b012bdb3c2ffa3d706

Scan and cleaning complete: Finished correctly after 2 seconds


[quote]I tried to submit it here but get informed "You aren't permitted to upload this kind of file".[/quote]
Hi WholeFunShow,

You have to zip the file before uploading it.

[quote name='CeciliaB' timestamp='1336468208' post='135292']
Hi WholeFunShow,

You have to zip the file before uploading it.
[/quote]

Whoops, sorry about that, I've read the guide now, thanks. I forgot to say in my last post that it's Ad-Aware 9.6.0 that I'm using. PFA infected file.

Hi WholeFunShow,

Thanks for the upload - I'll check it out and post the result here.

Andy
Lavasoft Malware Labs
