Page 1 of 2 12 LastLast
Results 1 to 10 of 12

Thread: What is this file - ldgVVf.exe?

  1. #1
    dwongski Guest

    Default What is this file - ldgVVf.exe?

    A file by the name of "ldgVVf.exe" keeps trying to access the internet and the ZoneAlarm firewall catches it every time. Anyone, what is this file and what does it do?

    I'm running XP Pro on a home built machine. The file is found in 2 places - C:\ and in C:\Windows\System32.

    Interestingly, this file can't be found on a similar home built machine also running XP Pro nor can I find it on the machines in my office which are also runnng XP Pro.

    Any thoughts would be appreciated.

    Operating System:
    Windows XP Pro
    Software Version:
    7.0
    Product Name:
    ZoneAlarm (Free)

    Message Edited by dwongski on 03-10-2008 10:24 PM

  2. #2
    Join Date
    Dec 2005
    Posts
    9,056

    Default Re: What is this file - ldgVVf.exe?

    Right click the files (as seen in the locations in the windows directory).

    Open the Properties.

    In the General tab, the date/time created shows the time of install.
    The date/time modified shows the update event.

    In the Version tab, the vendor and file description is found.

    In the Digital Signatures, click the items(s) in the box and click the Details button.

    Does this help?
    Oldsod.
    Best regards.
    oldsod

  3. #3
    dwongski Guest

    Default Re: What is this file - ldgVVf.exe?

    No. the properties window doesn't display the version or the digital signatures. Just shows when it was 1st installed and the current date as being when it was last accessed.

  4. #4
    Join Date
    Dec 2005
    Posts
    9,056

    Default Re: What is this file - ldgVVf.exe?

    Copy this file and and upload it to www.virustotal.com It will be scanned by numerous scanners and give some indication if it malware or a safe file. Sounds suspicious to me already.

    Oldsod.
    Best regards.
    oldsod

  5. #5
    dwongski Guest

    Default Re: What is this file - ldgVVf.exe?

    Thanks. Its been submitted and I'll let you know what the response is.

  6. #6
    Join Date
    Dec 2005
    Posts
    9,056

    Default Re: What is this file - ldgVVf.exe?

    Umm.... the response is usually immediate and does not take too long, just a few minutes. Maybe something went wrong?

    Oldsod.
    Best regards.
    oldsod

  7. #7
    dwongski Guest

    Default Re: What is this file - ldgVVf.exe?

    7 of the 32 at virustotal classifies this file as a low threat Heuristic Malware. Maybe I'll just move it to a empty flash drive (or copy it to a flash drive and delete it) and see what happens to my system.

  8. #8
    Join Date
    Nov 2004
    Location
    localhost
    Posts
    17,290

    Default Re: What is this file - ldgVVf.exe?

    Hi!
    difficult to asses without the exact detection... many AV in virustotal will report packers (software used to compress the executable) as suspicious but this does not mean the file per se is malicious.

    Next time post the detailed results of virustotal.

    Cheers,
    Fax

    Click here for ZA Support
    Monday-Saturday 6am to 10pm Central time
    Closed Sundays and Holidays

  9. #9
    dwongski Guest

    Default Re: What is this file - ldgVVf.exe?

    Here is the full virus total result.

    File ldgVVf.exe received on 03.17.2008 03:42:24 (CET)
    Antivirus Version Last Update Result
    AhnLab-V3 2008.3.15.0 2008.03.14 -
    AntiVir 7.6.0.73 2008.03.16 HEUR/Malware
    Authentium 4.93.8 2008.03.14 -
    **bleep** 4.7.1098.0 2008.03.16 -
    AVG 7.5.0.516 2008.03.16 SHeur.AJEL
    **bleep** 7.2 2008.03.17 -
    CAT-QuickHeal 9.50 2008.03.14 -
    ClamAV 0.92.1 2008.03.17 -
    DrWeb 4.44.0.09170 2008.03.16 -
    eSafe 7.0.15.0 2008.03.09 suspicious Trojan/Worm
    eTrust-Vet 31.3.5616 2008.03.14 -
    Ewido 4.0 2008.03.16 -
    FileAdvisor 1 2008.03.17 Low threat detected
    Fortinet 3.14.0.0 2008.03.17 -
    F-Prot 4.4.2.54 2008.03.16 -
    F-Secure 6.70.13260.0 2008.03.17 -
    Ikarus T3.1.1.20 2008.03.17 -
    Kaspersky 7.0.0.125 2008.03.17 -
    McAfee 5252 2008.03.14 -
    Microsoft 1.3301 2008.03.16 -
    NOD32v2 2951 2008.03.17 -
    Norman 5.80.02 2008.03.14 -
    Panda 9.0.0.4 2008.03.16 -
    Prevx1 V2 2008.03.17 Heuristic: Suspicious File With Persistence
    Rising 20.35.61.00 2008.03.16 -
    Sophos 4.27.0 2008.03.16 Mal/Heuri-D
    **bleep** 3.0.963.0 2008.03.14 -
    Symantec 10 2008.03.17 -
    TheHacker 6.2.92.247 2008.03.15 -
    VBA32 3.12.6.2 2008.03.16 -
    VirusBuster 4.3.26:9 2008.03.16 -
    Webwasher-Gateway 6.6.2 2008.03.16 Heuristic.Malware
    Additional information
    File size: 33280 bytes
    MD5: 993206f8f611f1e9629da7acd3426dae
    SHA1: 7f7deaa8f063b97fcf155f1cb15f7636855a34ee
    PEiD: UPX 2.90 [LZMA] -> Markus Oberhumer, Laszlo Molnar & John Reiser
    packers: UPX
    Bit9 info: http://fileadvisor.bit9.com/services...9da7acd3426dae
    packers: UPX
    packers: PE_Patch.UPX, UPX
    Prevx info: http://info.prevx.com/aboutprogramte...1E0700C2B060F0

  10. #10
    Join Date
    Dec 2005
    Posts
    9,056

    Default Re: What is this file - ldgVVf.exe?

    Sure seems something is wrong. The file is not a clean file and very suspect.

    Best regards.
    Oldsod.
    Best regards.
    oldsod

Page 1 of 2 12 LastLast

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •