denis

Prevx 2.0

After a test with that program it came up with this.

This executable program has a file size of 126,464 bytes, it is most frequently called WMIAPSRV.EXE and is most frequently located in the %windir%\softwaredistribution\download\??\ folder.

The file header contains the following information:

Vendor : Microsoft Corporation

Product: WMI-prestatieadapterservice

Version: 5.1.2600.551

This file is considered unsafe and is part of the malware group, LoveBoom:Worm-a. It was first seen on Friday, May 2 2008. It has been seen frequently by 369 users in this section of the community. The file was first seen in NETHERLANDS but has been seen in other locations, including The EUROPEAN UNION.

WMIAPSRV.EXE has been seen to perform the following behaviors:

- Registers a Dynamic Link Library File

- The Process is polymorphic and can change its structure

- Executes a Process

WMIAPSRV.EXE has been the subject of the following behaviors:

- Created as a new Background Service on the machine

- Executed as a Process

- Added as a Service in the System Registry Current Control Set

- Created as a process on disk

- Has code inserted into its Virtual Memory space by other programs

- Deleted as a process from disk

- Terminated as a Process

Doing a reboot with firstdefence and will post a new logfile, I am sure SAS will find nothing.


SUPERAntiSpyware Scan Log

https://www.superantispyware.com

Generated 05/28/2008 at 02:15 PM

Application Version : 4.1.1046

Core Rules Database Version : 3469

Trace Rules Database Version: 1460

Scan type : Complete Scan

Total Scan Time : 00:15:14

Memory items scanned : 324

Memory threats detected : 0

Registry items scanned : 6006

Registry threats detected : 0

File items scanned : 29247

File threats detected : 0

SAS didn't find it.

How can I be sure there is nothing wrong?

Thx.


Thanks that did it :lol:

I am sending it 2 times, I found it 2 times in a different location. :wink:

