Author Topic: Ezcapt.exe and Uninstap.exe  (Read 6130 times)

0 Members and 1 Guest are viewing this topic.

nyc98765

  • Guest
Ezcapt.exe and Uninstap.exe
« on: January 20, 2010, 05:17:32 PM »
I received a warning today with Avast that these 2 files contained Win32:Malware-gen

C:\Program Files\apoint2K\Ezcapt.exe
C:\Program Files\apoint2K\apoint2K\Uninstap.exe

I did a scan with other online anti-virus and even uploaded the files to kaspersky.com and they come up clean. This is very strange because they have been on my computer for many years and have not been changed since 2003 and have never come up in a virus scan before. It only occurred when I opened the folder C:\Program Files\apoint2K\ today.

I do not want to move them to the chest because they seem to be common files and may be important.

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37506
  • Not a avast user
Re: Ezcapt.exe and Uninstap.exe
« Reply #1 on: January 20, 2010, 05:37:09 PM »
upload the files to virustotal www.virustotal.com and when you have the result, copy the URL in the addressbar and post it here



This is a valid program, but it is up to you whether or not you want it to run on startup.
http://www.bleepingcomputer.com/startups/Apoint-315.html
http://www.systemlookup.com/search.php?list=&type=filename&search=Apoint.exe&s=
« Last Edit: January 20, 2010, 05:44:21 PM by Pondus »

nyc98765

  • Guest
Re: Ezcapt.exe and Uninstap.exe
« Reply #2 on: January 20, 2010, 05:53:40 PM »
Results from scanning
Program Files\apoint2K\Ezcapt.exe
Program Files\apoint2K\Uninstap.exe

 File Ezcapt.exe received on 2010.01.20 12:00:59 (UTC)
Current status: finished
Result: 2/41 (4.88%)
Compact Compact
Print results Print results
Antivirus    Version    Last Update    Result
a-squared    4.5.0.50    2010.01.20    -
AhnLab-V3    5.0.0.2    2010.01.19    -
AntiVir    7.9.1.142    2010.01.20    -
Antiy-AVL    2.0.3.7    2010.01.20    -
Authentium    5.2.0.5    2010.01.20    -
Avast    4.8.1351.0    2010.01.20    Win32:Malware-gen
AVG    9.0.0.730    2010.01.19    -
BitDefender    7.2    2010.01.20    -
CAT-QuickHeal    10.00    2010.01.20    -
ClamAV    0.94.1    2010.01.20    -
Comodo    3645    2010.01.20    -
DrWeb    5.0.1.12222    2010.01.20    -
eSafe    7.0.17.0    2010.01.19    -
eTrust-Vet    35.2.7247    2010.01.20    -
F-Prot    4.5.1.85    2010.01.19    -
F-Secure    9.0.15370.0    2010.01.20    -
Fortinet    4.0.14.0    2010.01.20    -
GData    19    2010.01.20    Win32:Malware-gen
Ikarus    T3.1.1.80.0    2010.01.20    -
Jiangmin    13.0.900    2010.01.20    -
K7AntiVirus    7.10.950    2010.01.18    -
Kaspersky    7.0.0.125    2010.01.20    -
McAfee    5866    2010.01.19    -
McAfee+Artemis    5866    2010.01.19    -
McAfee-GW-Edition    6.8.5    2010.01.20    -
Microsoft    1.5302    2010.01.20    -
NOD32    4789    2010.01.20    -
Norman    6.04.03    2010.01.19    -
nProtect    2009.1.8.0    2010.01.20    -
Panda    10.0.2.2    2010.01.19    -
PCTools    7.0.3.5    2010.01.19    -
Prevx    3.0    2010.01.20    -
Rising    22.31.02.04    2010.01.20    -
Sophos    4.49.0    2010.01.20    -
Sunbelt    3.2.1858.2    2010.01.20    -
Symantec    20091.2.0.41    2010.01.20    -
TheHacker    6.5.0.7.157    2010.01.20    -
TrendMicro    9.120.0.1004    2010.01.20    -
VBA32    3.12.12.1    2010.01.20    -
ViRobot    2010.1.20.2146    2010.01.20    -
VirusBuster    5.0.21.0    2010.01.19    -
Additional information
File size: 159744 bytes
MD5   : 92aa1374601959fcf1e803baf97f4a90
SHA1  : c17cdd7eb905cfffa75cc3f2ce2dd1eda8827810
SHA256: dcb607987d8bd841da1d661ea948a63bd8980964e87549b5ad80bd55c6be6140
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x5332
timedatestamp.....: 0x3F72CD05 (Thu Sep 25 13:09:57 2003)
machinetype.......: 0x14C (Intel I386)

( 4 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x15116 0x16000 6.36 648b7b1a139c91e89d01419bad0b1f86
.rdata 0x17000 0x4932 0x5000 4.65 211e8fc70830d6abec9ee29a59b8906c
.data 0x1C000 0x6F68 0x4000 2.38 82dc8fac1a49a83796450752a1d5c7df
.rsrc 0x23000 0x6978 0x7000 4.01 87ede627fc8c14b662666d9ce0add07e

----------

 File Uninstap.exe received on 2010.01.19 20:58:04 (UTC)
Current status: finished
Result: 2/41 (4.88%)

Antivirus    Version    Last Update    Result
a-squared    4.5.0.50    2010.01.19    -
AhnLab-V3    5.0.0.2    2010.01.19    -
AntiVir    7.9.1.142    2010.01.19    -
Antiy-AVL    2.0.3.7    2010.01.19    -
Authentium    5.2.0.5    2010.01.19    -
Avast    4.8.1351.0    2010.01.19    Win32:Malware-gen
AVG    9.0.0.730    2010.01.19    -
BitDefender    7.2    2010.01.19    -
CAT-QuickHeal    10.00    2010.01.19    -
ClamAV    0.94.1    2010.01.19    -
Comodo    3640    2010.01.19    -
DrWeb    5.0.1.12222    2010.01.19    -
eSafe    7.0.17.0    2010.01.19    -
eTrust-Vet    35.2.7246    2010.01.19    -
F-Prot    4.5.1.85    2010.01.19    -
F-Secure    9.0.15370.0    2010.01.19    -
Fortinet    4.0.14.0    2010.01.19    -
GData    19    2010.01.19    Win32:Malware-gen
Ikarus    T3.1.1.80.0    2010.01.19    -
Jiangmin    13.0.900    2010.01.19    -
K7AntiVirus    7.10.950    2010.01.18    -
Kaspersky    7.0.0.125    2010.01.19    -
McAfee    5866    2010.01.19    -
McAfee+Artemis    5866    2010.01.19    -
McAfee-GW-Edition    6.8.5    2010.01.19    -
Microsoft    1.5302    2010.01.19    -
NOD32    4787    2010.01.19    -
Norman    6.04.03    2010.01.19    -
nProtect    2009.1.8.0    2010.01.19    -
Panda    10.0.2.2    2010.01.19    -
PCTools    7.0.3.5    2010.01.19    -
Prevx    3.0    2010.01.19    -
Rising    22.31.01.04    2010.01.19    -
Sophos    4.49.0    2010.01.19    -
Sunbelt    3.2.1858.2    2010.01.19    -
Symantec    20091.2.0.41    2010.01.19    -
TheHacker    6.5.0.6.156    2010.01.19    -
TrendMicro    9.120.0.1004    2010.01.19    -
VBA32    3.12.12.1    2010.01.19    -
ViRobot    2010.1.19.2144    2010.01.19    -
VirusBuster    5.0.21.0    2010.01.19    -
Additional information
File size: 196608 bytes
MD5   : 4778e966fb675762a48136dcad110cd7
SHA1  : 647a6a62c0fbfe41ce95aad67b415076e779cf9d
SHA256: 144f2983af98b859cf75ac0f4026a460d76f61fe8c8573e694b9b9fe82b80c41
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0xC751
timedatestamp.....: 0x3EF00E85 (Wed Jun 18 09:02:29 2003)
machinetype.......: 0x14C (Intel I386)

( 4 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x1C542 0x1D000 6.30 1c0bb23794a72762a3442a2962255c36
.rdata 0x1E000 0x4B0E 0x5000 4.74 0173a32ade619fca703cbe3557adb5c7
.data 0x23000 0xB968 0x9000 4.11 a7e42813ab3fad2e6f5502e878d9b2c3
.rsrc 0x2F000 0x3C38 0x4000 4.80 443a6e6e53202629fef70baca56d5d34


Offline Milos

  • Avast team
  • Super Poster
  • *
  • Posts: 2293
Re: Ezcapt.exe and Uninstap.exe
« Reply #4 on: January 20, 2010, 06:15:53 PM »
Hello,
thank you, false positives will be fixed in next VPS update.

Milos