Jump to content


Dropper.Pakes

Started by JAGO, Apr 23 2007 01:51 PM

  • You cannot reply to this topic
1 reply to this topic

#1 OFFLINE   JAGO

    Advanced Member

  • Members
  • PipPipPip
  • 363 posts
  • Gender:Male
  • Location:Michigan

Posted 23 April 2007 - 01:51 PM

Edit: This appears to be the false positive hazelnut is warning about...


What is it? Where did I get it from?

---------------------------------------------------------
AVG Anti-Spyware - Scan Report
---------------------------------------------------------

+ Created at: 9:55:55 AM 4/23/2007

+ Scan result:



C:\Program Files\CCleaner\uninst.exe -> Dropper.Pakes : No action taken.


::Report end



HJT Log:
Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 9:51:05 AM, on 4/23/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\foobar2000\foobar2000.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Miranda IM\miranda32.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Anthony\Desktop\HiJackThis_v2.exe

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: lxcf_device - - C:\WINDOWS\system32\lxcfcoms.exe

--
End of file - 1746 bytes


Will post KAV log in a bit :).
IPB Image

#2 OFFLINE   TonyKlein

    Power Member

  • Spyware Moderators
  • 606 posts
  • Gender:Male
  • Location:Netherlands

Posted 23 April 2007 - 02:12 PM

As Hazelnut said, it is a False Positive; a False Positive being a legitimate file erroneously identified as malware by an antivirus.

And again, just like Hazelnut said, Ewido now recognize it's an erroneous detection, and they will fix it with one of the following updates.

Therefore, nothing wrong with your computer.

Happy surfing! :)
Tony CLSID List - A Collection of Autostart Locations
Back to Spyware Hell


  1. Piriform Community Forums
  2. Computer Help and Discussion
  3. Spyware Hell