
Thread: GameData.dll Virus in Moyea Flash Video MX

  1. #1
    offroadmedic Guest

    GameData.dll Virus in Moyea Flash Video MX

    I have been using Moyea Flash Video MX for over a year. I recently updated ZA to the latest 7.0.470.
    Every time I open Flash MX it quarantines a "Backdoor.Win32.RAdmin.aj"....I trust that ZA is doing its job but it won't let me run my FLV converter anymore after the quarantine.
    Could someone advise if I can modify expert rules or something to allow my program to continue? I searched the forum and found no other threads related to this specific problem.

    Thanks Chris

    Operating System: Windows XP Pro
    Software Version: 7.0
    Product Name: ZoneAlarm Internet Security Suite

  2. #2
    Join Date: Nov 2004
    Location: localhost
    Posts: 17,291

    Re: GameData.dll Virus in Moyea Flash Video MX

    Hi!
    Go to the ZA antivirus/antispyware tab --> advanced options --> Virus Management, Automatic Treatment and set to "Alert me - do not treat automatically".

    Next time the threat is detected, select "ignore always" from the drop-down menu.

    Cheers,
    Fax

    Click here for ZA Support
    Monday-Saturday 6am to 10pm Central time
    Closed Sundays and Holidays

  3. #3
    offroadmedic Guest

    Re: GameData.dll Virus in Moyea Flash Video MX

    Thanks FAX....got me back in business quickly

  4. #4
    Join Date: Nov 2004
    Location: localhost
    Posts: 17,291

    Re: GameData.dll Virus in Moyea Flash Video MX

    You're welcome! Maybe you could check that file by uploading it to www.virustotal.com just to be sure you are not dealing with real malware.

    Cheers,
    Fax


  5. #5
    offroadmedic Guest

    Re: GameData.dll Virus in Moyea Flash Video MX

    Thanks again...didn't know about that website....here is what came back. Hard to read b/c of copy and paste, but I suppose on the 3rd line where it says "Result: 9/33 (27.8%)" is what is most important. I am guessing that means this is probably not a serious virus. Please correct me if I'm wrong FAX

    Chris

    ----------------------------------------------------------------------------------------------------------------
    File GameData.dll received on 06.26.2008 19:34:50 (CET)
    ------->Result: 9/33 (27.28%)-------------------------------------------------

    Antivirus Version Last Update Result
    AhnLab-V3 2008.6.26.0 2008.06.26 -
    AntiVir 7.8.0.59 2008.06.26 -
    Authentium 5.1.0.4 2008.06.25 W32/Heuristic-210!Eldorado
    **bleep** 4.8.1195.0 2008.06.26 -
    AVG 7.5.0.516 2008.06.26 -
    **bleep** 7.2 2008.06.26 -
    CAT-QuickHeal 9.50 2008.06.26 -
    ClamAV 0.93.1 2008.06.26 -
    DrWeb 4.44.0.09170 2008.06.26 -
    eSafe 7.0.17.0 2008.06.26 Suspicious File
    eTrust-Vet 31.6.5907 2008.06.26 -
    Ewido 4.0 2008.06.26 -
    F-Prot 4.4.4.56 2008.06.25 W32/Heuristic-210!Eldorado
    F-Secure 7.60.13501.0 2008.06.24 Backdoor.Win32.RAdmin.aj
    Fortinet 3.14.0.0 2008.06.26 -
    GData 2.0.7306.1023 2008.06.26 Backdoor.Win32.RAdmin.aj
    Ikarus T3.1.1.26.0 2008.06.26 Backdoor.Win32.Agent.OW
    Kaspersky 7.0.0.125 2008.06.26 Backdoor.Win32.RAdmin.aj
    McAfee 5326 2008.06.26 -
    Microsoft None 2008.06.26 -
    NOD32v2 3222 2008.06.26 -
    Norman 5.80.02 2008.06.26 -
    Panda 9.0.0.4 2008.06.26 -
    Prevx1 V2 2008.06.26 -
    Rising 20.50.32.00 2008.06.26 -
    Sophos 4.30.0 2008.06.26 -
    **bleep** 3.0.1153.1 2008.06.15 VIPRE.Suspicious
    Symantec 10 2008.06.26 -
    TheHacker 6.2.92.362 2008.06.26 -
    TrendMicro 8.700.0.1004 2008.06.26 -
    VBA32 3.12.6.8 2008.06.26 -
    VirusBuster 4.5.11.0 2008.06.23 -
    Webwasher-Gateway 6.6.2 2008.06.26 Win32.Malware.gen (suspicious)
    Additional information
    File size: 182784 bytes
    MD5...: 59b0eb4f654c30490754110eab4b7178
    SHA1..: e88b53126d3d808061e4185f6fe07d18d21094b5
    SHA256: 1729956b6e409bcf83abd7e5727b14688462e3202e86d2df50 ef00b5d219d5d9
    SHA512: 29272784d645c3f6092d70943937c9d825bb2c32959e0e6b10 0bdebb33368abc
    ca4253e0ccc8aaafea0f795dc1c938d3dfc44a13cf3c769703 4344a839796093
    PEiD..: ASProtect SKE 2.1x (dll) -> Alexey Solodovnikov (h)
    PEInfo: PE Structure information

    ( base data )
    entrypointaddress.: 0x1004f001
    timedatestamp.....: 0x4321568d (Fri Sep 09 09:31:57 2005)
    machinetype.......: 0x14c (I386)

    ( 7 sections )
    name viradd virsiz rawdsiz ntrpy md5
    0x1000 0xf000 0x8200 7.98 1a0cf34cd4616542c038f562e48dca62
    0x10000 0x4000 0x4000 4.90 b9d6b63ac318d4040438a5a7d84b538c
    0x14000 0x36000 0xc00 7.56 5dc7b92dce9bff268fde0b01a723876a
    .rsrc 0x4a000 0x2000 0x2000 4.31 1c151fd3d3f77336b71e745137ad8f2a
    0x4c000 0x3000 0x1000 7.95 bfb3f554c02fd33e35ca28d393dc2412
    .data 0x4f000 0x1c000 0x1bc00 7.77 703b8b88f5ada5e1b62ba16747d25b64
    .adata 0x6b000 0x1000 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e

    ( 8 imports )
    > kernel32.dll: GetProcAddress, GetModuleHandleA, LoadLibraryA
    > user32.dll: RegisterWindowMessageA
    > gdi32.dll: SetTextColor
    > winspool.drv: DocumentPropertiesA
    > advapi32.dll: RegSetValueExA
    > comctl32.dll: -
    > oleaut32.dll: VariantChangeTypeEx
    > kernel32.dll: RaiseException

    ( 2 exports )
    DoGame, InitGame
    packers (F-Prot): PE_Patch, Aspack
    packers (Authentium): PE_Patch, Aspack, Aspack
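
Added example (not part of the original thread): a short Python script that parses result rows like those pasted above and separates heuristic or generic verdicts from named detections, since the raw ratio alone does not say how many independent findings there are. The keyword list for generic labels is an assumption made for this example.

```python
import re
from collections import Counter

# Rows copied from the scan report in post #5: the nine flagged rows plus
# three clean ones ("-" means no detection). The full report has 33 rows.
REPORT = """\
Authentium 5.1.0.4 2008.06.25 W32/Heuristic-210!Eldorado
AVG 7.5.0.516 2008.06.26 -
ClamAV 0.93.1 2008.06.26 -
eSafe 7.0.17.0 2008.06.26 Suspicious File
F-Prot 4.4.4.56 2008.06.25 W32/Heuristic-210!Eldorado
F-Secure 7.60.13501.0 2008.06.24 Backdoor.Win32.RAdmin.aj
GData 2.0.7306.1023 2008.06.26 Backdoor.Win32.RAdmin.aj
Ikarus T3.1.1.26.0 2008.06.26 Backdoor.Win32.Agent.OW
Kaspersky 7.0.0.125 2008.06.26 Backdoor.Win32.RAdmin.aj
**bleep** 3.0.1153.1 2008.06.15 VIPRE.Suspicious
Symantec 10 2008.06.26 -
Webwasher-Gateway 6.6.2 2008.06.26 Win32.Malware.gen (suspicious)
"""

# Assumption: labels containing these tokens are heuristic/generic verdicts
# rather than a named family. The token list is illustrative, not a standard.
GENERIC = re.compile(r"heuristic|suspicious|\bgen\b|generic", re.I)

def parse_rows(text):
    """Yield (engine, label) pairs; label is None for a clean result."""
    for line in text.splitlines():
        parts = line.split(None, 3)  # engine, version, update date, result
        if len(parts) != 4:
            continue  # skip blank or malformed lines
        engine, _version, _updated, result = parts
        result = result.strip()
        yield engine, (None if result == "-" else result)

def summarize(text):
    """Count detections and split them into generic vs. named labels."""
    rows = list(parse_rows(text))
    hits = [(e, l) for e, l in rows if l is not None]
    generic = [(e, l) for e, l in hits if GENERIC.search(l)]
    named = Counter(l for _e, l in hits if not GENERIC.search(l))
    return {"engines": len(rows), "detections": len(hits),
            "generic": len(generic), "named_labels": dict(named)}

if __name__ == "__main__":
    print(summarize(REPORT))
```
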

  6. #6
    Join Date: Nov 2004
    Location: localhost
    Posts: 17,291

    Re: GameData.dll Virus in Moyea Flash Video MX

    Hi! The best you can do is to send an e-mail to a Kaspersky analyst (newvirus at kaspersky dot com). Subject: False positive?. Attach the file in a password-protected ZIP and include the password in the e-mail. You will hear back from them if it is malware or not. I would not run a system with malware infections.

    Cheers,
    Fax
