scheinbar mehrere Trojaner, alle erforderlichen Logs sind vorhanden! =)

Datei PhotoShopCS4_X32_Crk.EXE empfangen 2009.07.11 21:26:28 (UTC)
Status:    Beendet 
Ergebnis: 10/41 (24.4%) 
 Filter 
Drucken der Ergebnisse  Antivirus	Version	letzte aktualisierung	Ergebnis
a-squared	4.5.0.18	2009.07.11	-
AhnLab-V3	5.0.0.2	2009.07.11	-
AntiVir	7.9.0.204	2009.07.11	-
Antiy-AVL	2.0.3.1	2009.07.10	-
Authentium	5.1.2.4	2009.07.11	W32/Backdoor2.DBHW
Avast	4.8.1335.0	2009.07.11	Win32:Trojan-gen {Other}
AVG	8.5.0.387	2009.07.11	SHeur2.FZL
BitDefender	7.2	2009.07.11	-
CAT-QuickHeal	10.00	2009.07.10	-
ClamAV	0.94.1	2009.07.11	Trojan.Vundo-10526
Comodo	1619	2009.07.11	-
DrWeb	5.0.0.12182	2009.07.11	Trojan.Virtumod.1465
eSafe	7.0.17.0	2009.07.09	-
eTrust-Vet	31.6.6608	2009.07.10	-
F-Prot	4.4.4.56	2009.07.11	W32/Backdoor2.DBHW
F-Secure	8.0.14470.0	2009.07.11	Trojan.Win32.Monderd.gen
Fortinet	3.120.0.0	2009.07.11	-
GData	19	2009.07.11	Win32:Trojan-gen {Other}
Ikarus	T3.1.1.64.0	2009.07.11	-
Jiangmin	11.0.706	2009.07.11	-
K7AntiVirus	7.10.790	2009.07.11	-
Kaspersky	7.0.0.125	2009.07.11	-
McAfee	5673	2009.07.11	-
McAfee+Artemis	5673	2009.07.11	Vundo
McAfee-GW-Edition	6.8.5	2009.07.11	Trojan.Agent.280064
Microsoft	1.4803	2009.07.11	-
NOD32	4235	2009.07.11	-
Norman	6.01.09	2009.07.10	-
nProtect	2009.1.8.0	2009.07.11	-
Panda	10.0.0.14	2009.07.11	-
PCTools	4.4.2.0	2009.07.11	-
Prevx	3.0	2009.07.11	-
Rising	21.37.52.00	2009.07.11	-
Sophos	4.43.0	2009.07.11	-
Sunbelt	3.2.1858.2	2009.07.11	-
Symantec	1.4.4.12	2009.07.11	-
TheHacker	6.3.4.3.365	2009.07.11	-
TrendMicro	8.950.0.1094	2009.07.10	-
VBA32	3.12.10.8	2009.07.11	-
ViRobot	2009.7.11.1831	2009.07.11	-
VirusBuster	4.6.5.0	2009.07.11	-
weitere Informationen
File size: 407552 bytes
MD5...: 636c78cad73733d6b8b5d0f429a1bd65
SHA1..: 204045111946d90f5604654cb8e04174c3e122c3
SHA256: 24de8cd24631271add833dc11b601d46f2de5f4e5d7380fcaaff0aa28d544756
ssdeep: 6144:NGjSrChsrAIBRGk099HMWMxWngy4uUtNPETSruv0utwK3+6Wta4ULXoqSuw
:NGOrQs7RGkyTkSgHuUAmr7utl3+6SYS
PEiD..: -
TrID..: File type identification
Win64 Executable Generic (64.5%)
InstallShield setup (32.4%)
Generic Win/DOS Executable (1.5%)
DOS Executable Generic (1.5%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0xc824
timedatestamp.....: 0x479197f3 (Sat Jan 19 06:25:55 2008)
machinetype.......: 0x8664 (AMD64)

( 5 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0xd49c 0xd600 6.39 c5bc27cc02a2d31c78d8f939ee125a70
.data 0xf000 0x2764 0x800 5.44 3ae8dbe2960ff5a66b14bf9e5d12e698
.pdata 0x12000 0x570 0x600 4.13 6f9b50fbc78892eefdb8338863e70f10
.rsrc 0x13000 0x54d10 0x54e00 7.90 4d0642ca0fe9dc1e2ebb5567bbb7fea2
.reloc 0x68000 0x112 0x200 0.20 96271d46a899f8b81255e7a800967225

( 7 imports ) 
> ADVAPI32.dll: OpenProcessToken, GetTokenInformation, RegSetValueExA, EqualSid, RegQueryValueExA, LookupPrivilegeValueA, RegCreateKeyExA, RegOpenKeyExA, RegQueryInfoKeyA, RegDeleteValueA, AllocateAndInitializeSid, FreeSid, AdjustTokenPrivileges, RegCloseKey
> KERNEL32.dll: GetCurrentProcess, GlobalLock, _lclose, ExpandEnvironmentStringsA, GetWindowsDirectoryA, GlobalAlloc, GetPrivateProfileIntA, GetFileAttributesA, IsDBCSLeadByte, GetSystemDirectoryA, GlobalUnlock, GetShortPathNameA, CreateDirectoryA, FindFirstFileA, GetLastError, GetProcAddress, RemoveDirectoryA, SetFileAttributesA, GlobalFree, FindClose, GetPrivateProfileStringA, LoadLibraryA, LocalAlloc, WritePrivateProfileStringA, GetModuleFileNameA, FindNextFileA, CompareStringA, _lopen, CloseHandle, LocalFree, DeleteFileA, ExitProcess, DosDateTimeToFileTime, FreeLibrary, FindResourceA, SetFilePointer, FreeResource, LoadResource, WaitForSingleObject, SetEvent, GetModuleHandleW, FormatMessageA, SetFileTime, WriteFile, GetDriveTypeA, GetVolumeInformationA, TerminateThread, SizeofResource, CreateEventA, GetExitCodeProcess, lstrlenA, ReadFile, SetCurrentDirectoryA, GetTempFileNameA, ResetEvent, LockResource, GetSystemInfo, LoadLibraryExA, CreateMutexA, GetCurrentDirectoryA, GetVersionExA, GetVersion, GetTempPathA, CreateThread, LocalFileTimeToFileTime, Sleep, CreateFileA, _llseek, lstrcmpA, GetStartupInfoW, RtlVirtualUnwind, RtlLookupFunctionEntry, RtlCaptureContext, SetUnhandledExceptionFilter, QueryPerformanceCounter, GetTickCount, GetCurrentThreadId, GetCurrentProcessId, GetSystemTimeAsFileTime, TerminateProcess, UnhandledExceptionFilter, EnumResourceLanguagesA, MulDiv, GetDiskFreeSpaceA, CreateProcessA
> GDI32.dll: GetDeviceCaps
> USER32.dll: ReleaseDC, PeekMessageA, MessageBoxA, GetDC, SendMessageA, SetForegroundWindow, MsgWaitForMultipleObjects, SendDlgItemMessageA, GetWindowLongPtrA, GetWindowRect, SetWindowPos, ShowWindow, SetWindowLongPtrA, DispatchMessageA, SetWindowTextA, EnableWindow, CallWindowProcA, DialogBoxIndirectParamA, GetDlgItemTextA, LoadStringA, MessageBeep, CharUpperA, CharNextA, ExitWindowsEx, CharPrevA, EndDialog, GetDesktopWindow, SetDlgItemTextA, GetDlgItem, GetSystemMetrics
> msvcrt.dll: __set_app_type, memcpy, memset, _terminate@@YAXXZ, _fmode, _acmdln, exit, _commode, __setusermatherr, _amsg_exit, _cexit, _ismbblead, _exit, _XcptFilter, __C_specific_handler, __getmainargs, _vsnprintf, _initterm
> COMCTL32.dll: -
> VERSION.dll: GetFileVersionInfoA, GetFileVersionInfoSizeA, VerQueryValueA

( 0 exports ) 
PDFiD.: -
RDS...: NSRL Reference Data Set
-
ThreatExpert info: <a href='http://www.threatexpert.com/report.aspx?md5=636c78cad73733d6b8b5d0f429a1bd65' target='_blank'>http://www.threatexpert.com/report.aspx?md5=636c78cad73733d6b8b5d0f429a1bd65</a>
packers (F-Prot): CAB
packers (Authentium): CAB, CAB