Jump to content
IObit Forum
Top Free Driver Updater Tools Best 25 PC Optimization Software Best 22 Antimalware Best 22 Uninstaller Software IObit Coupons & Discount Offers PC Optimizer

c:\windows\system32\driverStore\fileRepository [SOLVED by db1333]


Recommended Posts

hard to view the full string but the following is continued after the heading of this thread

 

prnep 001.inf f0a9a372\i386EPOLVR1D.DLL

 

other entries have same sting but last letter different have

VRIC

VR1D

VR1E

VR1M

VR10

 

is there an easy way to view an entry other than hovering the mouse over the entry, being able to max to full screen would really help here.

Link to comment
Share on other sites

found save a report gives me full view

 

Redosdru.AH, File, C:\Windows\System32\DriverStore\FileRepository\prnep001.inf_f0a9a372\I386\EP0LVR1C.DLL, 12-173

Redosdru.AH, File, C:\Windows\System32\DriverStore\FileRepository\prnep001.inf_f0a9a372\I386\EP0LVR1D.DLL, 12-173

Redosdru.AH, File, C:\Windows\System32\DriverStore\FileRepository\prnep001.inf_f0a9a372\I386\EP0LVR1E.DLL, 12-173

Redosdru.AH, File, C:\Windows\System32\DriverStore\FileRepository\prnep001.inf_f0a9a372\I386\EP0LVR1M.DLL, 12-173

Redosdru.AH, File, C:\Windows\System32\DriverStore\FileRepository\prnep001.inf_f0a9a372\I386\EP0LVR1N.DLL, 12-173

Redosdru.AH, File, C:\Windows\System32\DriverStore\FileRepository\prnep001.inf_f0a9a372\I386\EP0LVR1O.DLL, 12-173

Link to comment
Share on other sites

found save a report gives me full view

 

Redosdru.AH, File, C:\Windows\System32\DriverStore\FileRepository\prnep001.inf_f0a9a372\I386\EP0LVR1C.DLL, 12-173

Redosdru.AH, File, C:\Windows\System32\DriverStore\FileRepository\prnep001.inf_f0a9a372\I386\EP0LVR1D.DLL, 12-173

Redosdru.AH, File, C:\Windows\System32\DriverStore\FileRepository\prnep001.inf_f0a9a372\I386\EP0LVR1E.DLL, 12-173

Redosdru.AH, File, C:\Windows\System32\DriverStore\FileRepository\prnep001.inf_f0a9a372\I386\EP0LVR1M.DLL, 12-173

Redosdru.AH, File, C:\Windows\System32\DriverStore\FileRepository\prnep001.inf_f0a9a372\I386\EP0LVR1N.DLL, 12-173

Redosdru.AH, File, C:\Windows\System32\DriverStore\FileRepository\prnep001.inf_f0a9a372\I386\EP0LVR1O.DLL, 12-173

 

hi sunny staines,

 

sorry for the inconvenience.

 

they must be FPs.

 

would you please give a full log with the db versions. also you should upload the suspicious files to virustotal and give a report here. we will correct as soon as the FPs are confirmed.

 

Thanks in advance.

Link to comment
Share on other sites

  • 2 months later...

Confirmed to be False Positives?

 

Hello,

 

I was wondering if these files have indeed been confirmed to be false positives as I, too, have 6 of them appearing when I scan with IObit Security 360 (McAfee doesn't catch them).

 

I first discovered them last night. I immediately quarantined and deleted them, but when I ran a second scan a bit later they reappeared. I went through the same process and disconnected my computer from the Internet for the night. This morning I ran the scan for again to find they had popped up once more.

 

The exact file names are:

 

C:\Windows\System32\DriverStore\FileRepository\prnep001.inf_f0a93a372\I386\EP0LVR.1C.DLL

 

C:\Windows\System32\DriverStore\FileRepository\prnep001.inf_f0a93a372\I386\EP0LVR.1D.DLL

 

C:\Windows\System32\DriverStore\FileRepository\prnep001.inf_f0a93a372\I386\EP0LVR.1E.DLL

 

C:\Windows\System32\DriverStore\FileRepository\prnep001.inf_f0a93a372\I386\EP0LVR.1M.DLL

 

C:\Windows\System32\DriverStore\FileRepository\prnep001.inf_f0a93a372\I386\EP0LVR.1N.DLL

 

C:\Windows\System32\DriverStore\FileRepository\prnep001.inf_f0a93a372\I386\EP0LVR.1O.DLL

 

I'm hoping they are FP as I have heard the redrosdru strains are pretty bad (though I have found nothing on the redrosdru.AH specifically).

 

I'm not particularly technologically savvy, so I would appreciate any help you can give me! Hopefully it's good news :grin:

 

Regardless, could you tell me why I have to continually delete these items?

 

In advance, thank you!!!!!!!

 

Amy

Link to comment
Share on other sites

Hello Amy,

 

Thanks for your feedback.

 

Firstly, you can upload these files to www.virustotal.com for scanning.

 

Secondly, we'd suggest you save a report of IObit Security 360 scanning result, and then copy and paste the report here. So that we can further investigate it.

 

We appreciate your support.8)

Link to comment
Share on other sites

  • 1 month later...

False Positives?

 

hi guys... seems like i'm too having the same problems in rgds to iobit scan which keeps bringing up the same trojan viruses/ i've done what most of you guys have done but they still keep appearing... can anyone advice further please?

 

here is the iobit report i got :

 

IObit Security 360

 

OS:Windows Vista

Version:1.4.0.11

Define Version:1331

Time Elapsed:00:28:13

Objects Scanned:69087

Threats Found:6

 

|Name|Type|Description|ID|

Trojan.Redosdru, File, C:\Windows\System32\DriverStore\FileRepository\prnep001.inf_f0a9a372\I386\EP0LVR1C.DLL, 12-777

Trojan.Redosdru, File, C:\Windows\System32\DriverStore\FileRepository\prnep001.inf_f0a9a372\I386\EP0LVR1D.DLL, 12-777

Trojan.Redosdru, File, C:\Windows\System32\DriverStore\FileRepository\prnep001.inf_f0a9a372\I386\EP0LVR1E.DLL, 12-777

Trojan.Redosdru, File, C:\Windows\System32\DriverStore\FileRepository\prnep001.inf_f0a9a372\I386\EP0LVR1M.DLL, 12-777

Trojan.Redosdru, File, C:\Windows\System32\DriverStore\FileRepository\prnep001.inf_f0a9a372\I386\EP0LVR1N.DLL, 12-777

Trojan.Redosdru, File, C:\Windows\System32\DriverStore\FileRepository\prnep001.inf_f0a9a372\I386\EP0LVR1O.DLL, 12-777

Link to comment
Share on other sites

False positive ?

 

IObit Security 360

 

OS:Windows Vista

Version:1.4.1.11

Define Version:1332

Time Elapsed:00:20:16

Objects Scanned:66840

Threats Found:6

 

|Name|Type|Description|ID|

Trojan.Redosdru, File, C:\Windows\System32\DriverStore\FileRepository\prnep001.inf_f0a9a372\I386\EP0LVR1C.DLL, 12-821

Trojan.Redosdru, File, C:\Windows\System32\DriverStore\FileRepository\prnep001.inf_f0a9a372\I386\EP0LVR1D.DLL, 12-821

Trojan.Redosdru, File, C:\Windows\System32\DriverStore\FileRepository\prnep001.inf_f0a9a372\I386\EP0LVR1E.DLL, 12-821

Trojan.Redosdru, File, C:\Windows\System32\DriverStore\FileRepository\prnep001.inf_f0a9a372\I386\EP0LVR1M.DLL, 12-821

Trojan.Redosdru, File, C:\Windows\System32\DriverStore\FileRepository\prnep001.inf_f0a9a372\I386\EP0LVR1N.DLL, 12-821

Trojan.Redosdru, File, C:\Windows\System32\DriverStore\FileRepository\prnep001.inf_f0a9a372\I386\EP0LVR1O.DLL, 12-821

 

Here's Virus Total analysis :

 

File IObit_20Security_20360_20Report.l received on 2010.02.27 22:21:48 (UTC)

Antivirus Version Last Update Result

a-squared 4.5.0.50 2010.02.27 -

AhnLab-V3 5.0.0.2 2010.02.27 -

AntiVir 8.2.1.176 2010.02.26 -

Antiy-AVL 2.0.3.7 2010.02.26 -

Authentium 5.2.0.5 2010.02.27 -

Avast 4.8.1351.0 2010.02.27 -

Avast5 5.0.332.0 2010.02.27 -

AVG 9.0.0.730 2010.02.27 -

BitDefender 7.2 2010.02.27 -

CAT-QuickHeal 10.00 2010.02.27 -

ClamAV 0.96.0.0-git 2010.02.27 -

Comodo 4087 2010.02.27 -

DrWeb 5.0.1.12222 2010.02.27 -

eSafe 7.0.17.0 2010.02.25 -

eTrust-Vet 35.2.7331 2010.02.26 -

F-Prot 4.5.1.85 2010.02.27 -

F-Secure 9.0.15370.0 2010.02.27 -

Fortinet 4.0.14.0 2010.02.27 -

GData 19 2010.02.27 -

Ikarus T3.1.1.80.0 2010.02.27 -

Jiangmin 13.0.900 2010.02.27 -

K7AntiVirus 7.10.984 2010.02.26 -

Kaspersky 7.0.0.125 2010.02.27 -

McAfee 5905 2010.02.27 -

McAfee+Artemis 5905 2010.02.27 -

McAfee-GW-Edition 6.8.5 2010.02.27 -

Microsoft 1.5502 2010.02.27 -

NOD32 4901 2010.02.27 -

Norman 6.04.08 2010.02.27 -

nProtect 2009.1.8.0 2010.02.27 -

Panda 10.0.2.2 2010.02.27 -

PCTools 7.0.3.5 2010.02.27 -

Prevx 3.0 2010.02.27 -

Rising 22.36.05.04 2010.02.27 -

Sophos 4.50.0 2010.02.27 -

Sunbelt 5702 2010.02.27 -

Symantec 20091.2.0.41 2010.02.27 -

TheHacker 6.5.1.6.213 2010.02.27 -

TrendMicro 9.120.0.1004 2010.02.27 -

VBA32 3.12.12.2 2010.02.26 -

ViRobot 2010.2.27.2206 2010.02.27 -

VirusBuster 5.0.27.0 2010.02.27 -

Additional information

File size: 886 bytes

MD5...: e26a94b726668eed36ad243778c9d674

SHA1..: 5bbcdf20cbc10d104df723da533ea27c1de20c09

SHA256: 5f8e9a8d2ed3f5fd236e42a1c1c5410f3550daed2ebfc47e48948d1c528fdf3d

ssdeep: 24:D1foBugui+S3a4QeNS/hQeNSYQeNSzQeNS7QeNSaQeNSl:DmB7u14Mh/k8JE<br>

PEiD..: -

PEInfo: -

RDS...: NSRL Reference Data Set<br>-

pdfid.: -

sigcheck:<br>publisher....: n/a<br>copyright....: n/a<br>product......: n/a<br>description..: n/a<br>original name: n/a<br>internal name: n/a<br>file version.: n/a<br>comments.....: n/a<br>signers......: -<br>signing date.: -<br>verified.....: Unsigned<br>

trid..: Unknown!

Link to comment
Share on other sites

I have the same.

I will upload the files right now.

I really would like to know if there are real or false.

thanks

 

I am not sure if this is exactly what you want. but here:

 

Current status: Loading ... queued waiting scanning finished NOT FOUND STOPPED

Result: 0/42 (0%)

 

http://www.virustotal.com/analisis/7c9e329b8c98105378779872932216bba517ada1c4f759b75d5cfe76a9494bcc-1267320151

Link to comment
Share on other sites

Hi Magnus101,

 

I meant to load each of them seperately.

The reason is, how should they know which one if one of them was infected and report showed that the zip file was infected, but I think yours is sufficient for IObit, assuming that your zip file contains all of the 6 files.

 

Cheers.

Link to comment
Share on other sites

Hi, Drhombeat,

 

You should have uploaded the bold files below from your PC, not the IObit security report (IObit_20Security_20360_20Report.l)(886 bytes).

And give the links to those virustotal reports.

 

C:\Windows\System32\DriverStore\FileRepository\prn ep001.inf_f0a9a372\I386\EP0LVR1C.DLL

C:\Windows\System32\DriverStore\FileRepository\prn ep001.inf_f0a9a372\I386\EP0LVR1D.DLL

C:\Windows\System32\DriverStore\FileRepository\prn ep001.inf_f0a9a372\I386\EP0LVR1E.DLL

C:\Windows\System32\DriverStore\FileRepository\prn ep001.inf_f0a9a372\I386\EP0LVR1M.DLL

C:\Windows\System32\DriverStore\FileRepository\prn ep001.inf_f0a9a372\I386\EP0LVR1N.DLL

C:\Windows\System32\DriverStore\FileRepository\prn ep001.inf_f0a9a372\I386\EP0LVR1O.DLL

 

 

Cheers.

Link to comment
Share on other sites

threats??

 

im trying very trying im told but trying to sort out a friends laptop any help welcombe IObit Security 360

 

OS:Windows Vista

Version:1.4.0.11

Define Version:1332

Time Elapsed:00:21:16

Objects Scanned:65032Threats Found:8

 

|Name|Type|Description|ID|

 

 

Trojan.Redosdru - Quarantined, File, C:\Windows\System32\DriverStore\FileRepository\prnep001.inf_f0a9a372\I386\EP0LVR1C.DLL, 12-821

Trojan.Redosdru - Quarantined, File, C:\Windows\System32\DriverStore\FileRepository\prnep001.inf_f0a9a372\I386\EP0LVR1D.DLL, 12-821

Trojan.Redosdru - Quarantined, File, C:\Windows\System32\DriverStore\FileRepository\prnep001.inf_f0a9a372\I386\EP0LVR1E.DLL, 12-821

Trojan.Redosdru - Quarantined, File, C:\Windows\System32\DriverStore\FileRepository\prnep001.inf_f0a9a372\I386\EP0LVR1M.DLL, 12-821

Trojan.Redosdru - Quarantined, File, C:\Windows\System32\DriverStore\FileRepository\prnep001.inf_f0a9a372\I386\EP0LVR1N.DLL, 12-821

Trojan.Redosdru - Quarantined, File, C:\Windows\System32\DriverStore\FileRepository\prnep001.inf_f0a9a372\I386\EP0LVR1O.DLL, 12-821

Link to comment
Share on other sites

Just a hint:8)

 

Open Explorer:

 

Follow the below route for the folders to reach to the concerned File to be uploaded.

 

Example:

C:\Windows\System32\DriverStore\FileRepository\prn ep001.inf_f0a9a372\I386\EP0LVR1C.DLL

 

ie.

 

C: => Windows => System32 => DriverStore => FileRepository => prn ep001.inf_f0a9a372 => I386 => EP0LVR1C.DLL

 

Cheers.

Link to comment
Share on other sites

hello guys

 

Thanks for your feedback.

 

Firstly, after scanning, please save a report of the scanning result and send to us.

 

Secondly, you can upload or send us your suspicious file, and then we can further investigate it. At the same time, you can upload your suspicious file to http://www.virustotal.com for analyzing, and post your analysis report.

 

We are looking forward to your reply.

Link to comment
Share on other sites

 

Hello gazzere46

you can upload or send us your suspicious file, and then we can further investigate it. At the same time, you can upload your suspicious file to www.virustotal.com for analyzing, and post your analysis report.

 

We are looking forward to your reply.

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...