somebody100 | 21.11.2008 22:16 | C:\windows\002681_.tmp Code:
Antivirus Version letzte aktualisierung Ergebnis
AhnLab-V3 2008.11.21.0 2008.11.21 -
AntiVir 7.9.0.35 2008.11.21 -
Authentium 5.1.0.4 2008.11.21 -
Avast 4.8.1281.0 2008.11.21 -
AVG 8.0.0.199 2008.11.21 -
BitDefender 7.2 2008.11.21 -
CAT-QuickHeal 10.00 2008.11.21 -
ClamAV 0.94.1 2008.11.21 -
DrWeb 4.44.0.09170 2008.11.21 -
eSafe 7.0.17.0 2008.11.19 -
eTrust-Vet 31.6.6221 2008.11.21 -
Ewido 4.0 2008.11.21 -
F-Prot 4.4.4.56 2008.11.21 -
F-Secure 8.0.14332.0 2008.11.21 -
Fortinet 3.117.0.0 2008.11.21 -
GData 19 2008.11.21 -
Ikarus T3.1.1.45.0 2008.11.21 -
K7AntiVirus 7.10.530 2008.11.21 -
Kaspersky 7.0.0.125 2008.11.21 -
McAfee 5441 2008.11.21 -
McAfee+Artemis 5440 2008.11.20 -
Microsoft 1.4104 2008.11.21 -
NOD32 3631 2008.11.21 -
Norman 5.80.02 2008.11.21 -
Panda 9.0.0.4 2008.11.21 -
PCTools 4.4.2.0 2008.11.21 -
Prevx1 V2 2008.11.21 Malicious Software
Rising 21.04.42.00 2008.11.21 -
SecureWeb-Gateway 6.7.6 2008.11.21 -
Sophos 4.35.0 2008.11.21 -
Sunbelt 3.1.1823.2 2008.11.21 -
Symantec 10 2008.11.21 -
TheHacker 6.3.1.1.159 2008.11.19 -
TrendMicro 8.700.0.1004 2008.11.21 -
VBA32 3.12.8.9 2008.11.21 -
ViRobot 2008.11.18.1474 2008.11.18 -
VirusBuster 4.5.11.0 2008.11.21 -
weitere Informationen
File size: 19569 bytes
MD5...: 8737f6f4c8ec1e2a9ea5516f1b3ae1ad
SHA1..: dc4a321cfa7f5f269134932e6bda90badd8974ba
SHA256: 831e2030a051703f571ef7fa7f663dc322cd99e2c431d77f6eabc738e34742f0
SHA512: 652a70c6160085fc22c8031c925274be692ed54bbea4ddb9404b011e85f3ae50
39c9e267bf8fa05febc45e1c24573c5e33f5cdd83721775821c2fe0d822c82aa
PEiD..: -
TrID..: File type identification
Unknown!
PEInfo: -
Prevx info: http://info.prevx.com/aboutprogramtext.asp?PX5=8737F6F471C8EC1E4C2A009EA5516F001B3AE1AD c:\windows\system32\SPIRUN.dll Code:
Antivirus Version letzte aktualisierung Ergebnis
AhnLab-V3 2008.11.21.0 2008.11.21 -
AntiVir 7.9.0.35 2008.11.21 -
Authentium 5.1.0.4 2008.11.21 -
Avast 4.8.1281.0 2008.11.21 -
AVG 8.0.0.199 2008.11.21 -
BitDefender 7.2 2008.11.21 -
CAT-QuickHeal 10.00 2008.11.21 -
ClamAV 0.94.1 2008.11.21 -
DrWeb 4.44.0.09170 2008.11.21 -
eSafe 7.0.17.0 2008.11.19 -
eTrust-Vet 31.6.6221 2008.11.21 -
Ewido 4.0 2008.11.21 -
F-Prot 4.4.4.56 2008.11.21 -
F-Secure 8.0.14332.0 2008.11.21 -
Fortinet 3.117.0.0 2008.11.21 -
GData 19 2008.11.21 -
Ikarus T3.1.1.45.0 2008.11.21 -
K7AntiVirus 7.10.530 2008.11.21 -
Kaspersky 7.0.0.125 2008.11.21 -
McAfee 5441 2008.11.21 -
McAfee+Artemis 5440 2008.11.20 -
Microsoft 1.4104 2008.11.21 -
NOD32 3631 2008.11.21 -
Norman 5.80.02 2008.11.21 -
Panda 9.0.0.4 2008.11.21 -
PCTools 4.4.2.0 2008.11.21 -
Prevx1 V2 2008.11.21 -
Rising 21.04.42.00 2008.11.21 -
SecureWeb-Gateway 6.7.6 2008.11.21 -
Sophos 4.35.0 2008.11.21 -
Sunbelt 3.1.1823.2 2008.11.21 -
Symantec 10 2008.11.21 -
TheHacker 6.3.1.1.159 2008.11.19 -
TrendMicro 8.700.0.1004 2008.11.21 -
VBA32 3.12.8.9 2008.11.21 -
ViRobot 2008.11.18.1474 2008.11.18 -
VirusBuster 4.5.11.0 2008.11.21 -
weitere Informationen
File size: 10752 bytes
MD5...: 4335e08db7dbab46d13d0512f642b427
SHA1..: a5db5e8f228341d00b208059c96fb2f55edf70e4
SHA256: 65c461b141eedf6ef0d5ccfa6af349c74a7f571e84c7929e748d304ac485348b
SHA512: d4fbe9f6f3c411b8a8c40f3a3e46345d151377e7305edfec77fd61428a2a404b
02526a2028bd158981b4c6cd81d880e86939f53df76dcce432e9a5c904ec1525
PEiD..: -
TrID..: File type identification
Win64 Executable Generic (80.9%)
Win32 Executable Generic (8.0%)
Win32 Dynamic Link Library (generic) (7.1%)
Generic Win/DOS Executable (1.8%)
DOS Executable Generic (1.8%)
PEInfo: PE Structure information
( base data )
entrypointaddress.: 0x40232c
timedatestamp.....: 0x44a8a063 (Mon Jul 03 04:43:15 2006)
machinetype.......: 0x14c (I386)
( 4 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x1d39 0x1e00 6.81 19372a27cd37cf8df8f75f74d3518c16
.data 0x3000 0x360 0x200 0.30 6cfaa78c25d53392f4fc7323c2ba8d4b
.rsrc 0x4000 0x380 0x400 2.92 b175fc1b7adbeb13feec1b61df37f0ab
.reloc 0x5000 0x1d8 0x200 4.29 0ba953231d21778207499581b8dcb06c
( 5 imports )
> msvcrt.dll: malloc, _XcptFilter, free, memset, __3@YAXPAX@Z, _initterm, _amsg_exit, _adjust_fdiv, __2@YAPAXI@Z
> ntdll.dll: RtlUnwind
> KERNEL32.dll: GetTickCount, DisableThreadLibraryCalls, InterlockedCompareExchange, Sleep, SetUnhandledExceptionFilter, UnhandledExceptionFilter, GetCurrentProcess, TerminateProcess, GetSystemTimeAsFileTime, GetCurrentProcessId, GetCurrentThreadId, QueryPerformanceCounter, InterlockedExchange, LocalAlloc, LocalFree
> USER32.dll: RegisterClassExA, DefWindowProcA, GetWindowLongA, UnregisterDeviceNotification, RegisterDeviceNotificationA, DestroyWindow, UnregisterClassA, GetMessageA, TranslateMessage, DispatchMessageA, CreateWindowExA
> ole32.dll: CoInitialize, CoCreateInstance
( 1 exports )
RunDLLEntry Update.exe Code:
Antivirus Version letzte aktualisierung Ergebnis
AhnLab-V3 2008.11.21.0 2008.11.21 -
AntiVir 7.9.0.35 2008.11.21 -
Authentium 5.1.0.4 2008.11.21 -
Avast 4.8.1281.0 2008.11.21 -
AVG 8.0.0.199 2008.11.21 -
BitDefender 7.2 2008.11.21 -
CAT-QuickHeal 10.00 2008.11.21 -
ClamAV 0.94.1 2008.11.21 -
DrWeb 4.44.0.09170 2008.11.21 -
eSafe 7.0.17.0 2008.11.19 -
eTrust-Vet 31.6.6221 2008.11.21 -
Ewido 4.0 2008.11.21 -
F-Prot 4.4.4.56 2008.11.21 -
F-Secure 8.0.14332.0 2008.11.21 -
Fortinet 3.117.0.0 2008.11.21 -
GData 19 2008.11.21 -
Ikarus T3.1.1.45.0 2008.11.21 -
K7AntiVirus 7.10.530 2008.11.21 -
Kaspersky 7.0.0.125 2008.11.21 -
McAfee 5441 2008.11.21 -
McAfee+Artemis 5440 2008.11.20 -
Microsoft 1.4104 2008.11.21 -
NOD32 3631 2008.11.21 -
Norman 5.80.02 2008.11.21 -
Panda 9.0.0.4 2008.11.21 -
PCTools 4.4.2.0 2008.11.21 -
Prevx1 V2 2008.11.21 -
Rising 21.04.42.00 2008.11.21 -
SecureWeb-Gateway 6.7.6 2008.11.21 -
Sophos 4.35.0 2008.11.21 -
Sunbelt 3.1.1823.2 2008.11.21 -
Symantec 10 2008.11.21 -
TheHacker 6.3.1.1.159 2008.11.19 -
TrendMicro 8.700.0.1004 2008.11.21 -
VBA32 3.12.8.9 2008.11.21 -
ViRobot 2008.11.18.1474 2008.11.18 -
VirusBuster 4.5.11.0 2008.11.21 -
weitere Informationen
File size: 725728 bytes
MD5...: e1d1507e2f45ad36a2a8053071574168
SHA1..: c3b2c8d7c1e8ec48fbc7164580cf415ce1120670
SHA256: 81a6c4d17cca53775004689713ad3f542f5453c0861f9ea450ff70186d0f6339
SHA512: 3decc3d063cfa9240f3c04471d1c696389b9299440f7a0e23be4553d838dc68b
a692cc6410c65813bdde799e684224e17a278f80251863a2d06f7b8718f7ab07
PEiD..: -
TrID..: File type identification
Win32 Executable MS Visual C++ (generic) (53.1%)
Windows Screen Saver (18.4%)
Win32 Executable Generic (12.0%)
Win32 Dynamic Link Library (generic) (10.6%)
Generic Win/DOS Executable (2.8%)
PEInfo: PE Structure information
( base data )
entrypointaddress.: 0x1065e2c
timedatestamp.....: 0x42c1810b (Tue Jun 28 16:55:39 2005)
machinetype.......: 0x14c (I386)
( 3 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x8ec5e 0x8ee00 6.70 1c8e8be02417527cd7131c54163b8b26
.data 0x90000 0x7da14 0x1000 4.53 d58b2f80c25f1a24868bf0b233385a9f
.rsrc 0x10e000 0x1f4bc 0x1f600 4.06 b1eb3ae91bf866492ca63030164c9818
( 19 imports )
> ADVAPI32.dll: RegSaveKeyA, AbortSystemShutdownA, RegOpenKeyExW, RegCloseKey, RegQueryValueExA, EnumServicesStatusExA, OpenServiceW, RegOpenKeyExA, RegSetValueExA, RegCreateKeyExA, RegDeleteKeyA, RegEnumKeyExA, FreeSid, RegSetKeySecurity, SetSecurityDescriptorOwner, SetSecurityDescriptorDacl, InitializeSecurityDescriptor, AllocateAndInitializeSid, CloseServiceHandle, ControlService, StartServiceA, OpenServiceA, OpenSCManagerA, RegDeleteValueA, RegOpenKeyA, GetServiceDisplayNameA, QueryServiceStatus, SetFileSecurityA, AddAccessAllowedAce, InitializeAcl, EnumDependentServicesA, RegFlushKey, GetFileSecurityA, RegQueryInfoKeyA, AddAce, SetFileSecurityW, GetAclInformation, CopySid, GetLengthSid, RegSetValueExW, RegQueryValueExW, RegCreateKeyExW, AdjustTokenPrivileges, RegUnLoadKeyA, RegLoadKeyA, OpenProcessToken, DeregisterEventSource, ReportEventA, RegisterEventSourceA, GetTokenInformation, SetNamedSecurityInfoA, GetNamedSecurityInfoA, UnlockServiceDatabase, ChangeServiceConfigA, QueryServiceConfigA, LockServiceDatabase, InitiateSystemShutdownA
> COMCTL32.dll: CreatePropertySheetPageW, PropertySheetW
> CRYPT32.dll: CertAddCertificateContextToStore, CertSetCertificateContextProperty, CertCreateCertificateContext, CryptEncodeObject, CertOpenStore, CertCloseStore, CertFreeCertificateContext
> GDI32.dll: StretchBlt, GetDIBits, CreateCompatibleDC, DeleteObject, CreateFontIndirectA, GetDeviceCaps, BitBlt, SelectObject
> imagehlp.dll: EnumerateLoadedModules64
> KERNEL32.dll: GetFullPathNameA, ExitProcess, SetUnhandledExceptionFilter, SetEnvironmentVariableA, GetSystemInfo, lstrlenA, FreeResource, LockResource, LoadResource, FindResourceA, LoadLibraryExA, GetTempPathA, GetCurrentProcess, GetDiskFreeSpaceExA, GetDiskFreeSpaceA, GetCompressedFileSizeA, GetComputerNameA, ReleaseSemaphore, SetEndOfFile, InterlockedDecrement, GetCurrentThread, GetExitCodeThread, CreateSemaphoreA, MoveFileA, QueryPerformanceCounter, GetCurrentThreadId, GetCurrentProcessId, GetSystemTimeAsFileTime, TerminateProcess, DosDateTimeToFileTime, HeapCreate, HeapDestroy, GlobalAlloc, LocalFileTimeToFileTime, SetFileTime, GetFileInformationByHandle, GlobalLock, GlobalHandle, GlobalUnlock, GlobalFree, FileTimeToDosDateTime, OpenFileMappingA, GetVolumeInformationA, DuplicateHandle, GetSystemDefaultLangID, GetModuleFileNameW, ReleaseMutex, CopyFileW, GetTempFileNameW, GetVersionExW, ExpandEnvironmentStringsW, SearchPathW, lstrcpyW, lstrcpynW, GetDriveTypeW, lstrlenW, GetLocalTime, OpenEventA, GetFileSizeEx, GetFullPathNameW, InterlockedIncrement, CreateRemoteThread, VirtualAllocEx, WriteProcessMemory, CreateEventW, QueryDosDeviceA, DefineDosDeviceA, lstrcpynA, LoadLibraryW, FindFirstFileW, lstrcmpiW, FindNextFileW, MapViewOfFileEx, CreateProcessA, GetExitCodeProcess, FlushFileBuffers, HeapFree, GetProcessHeap, HeapAlloc, FlushViewOfFile, CreateFileW, DeleteFileW, GetFileTime, GetStartupInfoA, DelayLoadFailureHook, lstrcmpA, GetWindowsDirectoryW, GetVolumeInformationW, SetErrorMode, GetCommandLineA, GetCommandLineW, CreateMutexA, CreateProcessW, WaitForSingleObject, GetModuleHandleA, FormatMessageW, ReadFile, GetTickCount, CreateEventA, CreateThread, SetThreadPriority, WaitForMultipleObjects, SetEvent, RemoveDirectoryA, EnterCriticalSection, LeaveCriticalSection, FileTimeToLocalFileTime, FileTimeToSystemTime, DeviceIoControl, GetFileAttributesExA, VirtualFree, WritePrivateProfileStringA, SetCurrentDirectoryA, GetModuleFileNameA, GetEnvironmentVariableA, InitializeCriticalSection, Sleep, GetThreadLocale, GetLocaleInfoA, GetPrivateProfileStringA, VirtualAlloc, SetFilePointer, WriteFile, InterlockedCompareExchange, GetSystemDirectoryA, GetTempFileNameA, CopyFileA, OpenProcess, MoveFileExA, SetFileAttributesA, GetVersionExA, LocalAlloc, LocalFree, SetLastError, CreateFileA, GetFileSize, CreateFileMappingA, MapViewOfFile, UnmapViewOfFile, CloseHandle, GetDriveTypeA, ExpandEnvironmentStringsA, FindFirstFileA, FindNextFileA, FindClose, MultiByteToWideChar, WideCharToMultiByte, lstrcmpiA, FormatMessageA, GetFileAttributesA, CreateDirectoryA, GetSystemDirectoryW, LoadLibraryA, GetProcAddress, GetLastError, GetWindowsDirectoryA, DeleteFileA, RaiseException, FreeLibrary, VirtualProtect, TlsFree, TlsAlloc, TlsGetValue, GetSystemTime, InitializeCriticalSectionAndSpinCount, GetVersion, TlsSetValue, DeleteCriticalSection
> MPR.dll: WNetGetUserA, WNetGetUniversalNameA
> msvcrt.dll: strncpy, _except_handler3, strchr, _stricmp, sprintf, strrchr, mbstowcs, malloc, free, _vsnprintf, strncmp, memmove, vsprintf, strncat, _wcsdup, _errno, _open, _read, _write, _close, _lseek, remove, _tempnam, wcscat, _vsnwprintf, ctime, wcscpy, rename, wcsstr, _itoa, _local_unwind2, _memicmp, atoi, realloc, _c_exit, _exit, _XcptFilter, _cexit, exit, _acmdln, __getmainargs, _initterm, __setusermatherr, _adjust_fdiv, __p__commode, __p__fmode, __set_app_type, _controlfp, swprintf, wcslen, _strnicmp, memchr, _strcmpi, _snprintf, _terminate@@YAXXZ, __1type_info@@UAE@XZ, wcstoul, _snwprintf, _mbslwr, strstr, _strdup, calloc, getenv, strtoul, _wcsicmp, _ltoa, _mbsupr, wcschr, fprintf, strcspn, isdigit, wcsrchr, wcscmp, wcsncat, wcsncpy, toupper, strspn, atol, strpbrk, isspace, _ultoa, _wtoi64, _wcslwr, strtok, _itow, _what@exception@@UBEPBDXZ, __1exception@@UAE@XZ, __0exception@@QAE@ABQBD@Z, __CxxFrameHandler, __3@YAXPAX@Z, __0exception@@QAE@ABV0@@Z, _CxxThrowException, fclose, __2@YAPAXI@Z, fopen
> ntdll.dll: NtQuerySystemTime, RtlFreeUnicodeString, RtlInitUnicodeString, RtlUnicodeStringToAnsiString, NtClose, NtAdjustPrivilegesToken, NtOpenProcessToken, NtQueryInformationProcess, RtlCharToInteger, LdrAccessResource, LdrFindResource_U, NtQuerySystemInformation, NtShutdownSystem, RtlFreeHeap, RtlAllocateHeap, RtlRaiseStatus, NtYieldExecution, NtSetSystemInformation, NtCreateSection, NtOpenFile, NtOpenSection, NtOpenDirectoryObject, RtlCompareUnicodeString, NtCreateFile, RtlDosPathNameToNtPathName_U, RtlTimeToTimeFields, LdrUnloadDll, NtFreeVirtualMemory, NtQueryInformationThread, NtWaitForSingleObject, RtlCreateUserThread, NtWriteVirtualMemory, NtAllocateVirtualMemory, NtOpenProcess, LdrGetProcedureAddress, LdrLoadDll, RtlDestroyHeap, RtlSetDaclSecurityDescriptor, RtlCreateSecurityDescriptor, RtlGetAce, RtlAddAccessAllowedAce, RtlCreateAcl, RtlLengthSid, RtlAllocateAndInitializeSid, RtlCreateHeap, DbgPrint, RtlFreeAnsiString, RtlInitAnsiString, RtlAnsiStringToUnicodeString
> ole32.dll: CoInitialize, CoCreateInstance, CoUninitialize
> OLEAUT32.dll: -
> PSAPI.DLL: GetModuleFileNameExA
> RPCRT4.dll: UuidFromStringA
> SHELL32.dll: SHGetPathFromIDListA, SHGetMalloc, SHBrowseForFolderA, SHGetSpecialFolderPathA
> UPDSPAPI.dll: UpdSpFindNextMatchLineW, UpdSpFindFirstLineW, UpdSpGetMultiSzFieldW, UpdSpGetTargetPathW, UpdSpFindNextLine, UpdSpGetFieldCount, UpdSpGetLineTextA, UpdSpSetDynamicStringA, UpdSpGetStringFieldA, UpdSpGetLineByIndexA, UpdSpGetLineCountA, UpdSpInstallFilesFromInfSectionA, UpdSpSetDirectoryIdA, UpdSpCloseInfFile, UpdSpOpenInfFileA, UpdSpGetLineTextW, UpdSpScanFileQueueA, UpdSpGetBinaryField, UpdSpGetIntField, UpdSpQueueCopyA, UpdSpInstallFromInfSectionA, UpdSpGetTargetPathA, UpdSpDecompressOrCopyFileA, UpdSpDefaultQueueCallbackA, UpdSpDefaultQueueCallbackW, UpdSpCloseFileQueue, UpdSpGetSourceFileLocationA, UpdSpGetSourceInfoA, UpdSpOpenFileQueue, UpdSpCommitFileQueueA, UpdSpGetStringFieldW, UpdSpGetLineByIndexW, UpdSpGetLineCountW, UpdSpIterateCabinetA, UpdSpInitDefaultQueueCallbackEx, UpdSpPromptForDiskA, UpdSpCopyErrorA, UpdSpFindFirstLineA
> USER32.dll: CloseWindowStation, EnumDesktopsA, SetProcessWindowStation, GetProcessWindowStation, OpenWindowStationA, GetThreadDesktop, SetThreadDesktop, EnumWindows, CloseDesktop, GetClientRect, FindWindowExA, GetWindowThreadProcessId, GetWindow, RegisterClassA, CreateWindowExA, DefWindowProcA, MessageBoxW, EnumWindowStationsA, wvsprintfW, OpenDesktopA, GetSystemMetrics, LoadStringA, LoadStringW, MessageBoxA, PostQuitMessage, DestroyWindow, SendMessageA, SetDlgItemTextA, ShowWindow, EnableWindow, GetDlgItem, DispatchMessageA, TranslateMessage, GetMessageA, PostThreadMessageA, SetWindowTextW, RedrawWindow, SetWindowLongA, GetWindowLongA, GetWindowTextA, PostMessageA, EnumChildWindows, SetDlgItemTextW, LoadBitmapA, IsDlgButtonChecked, SetTimer, CheckDlgButton, KillTimer, ReleaseDC, GetDC, SystemParametersInfoA, SetForegroundWindow, SetWindowTextA, EndDialog, DialogBoxParamA, GetDesktopWindow, SetFocus
> USERENV.dll: -, -, -
> VERSION.dll: VerQueryValueA, VerQueryValueW, GetFileVersionInfoA, GetFileVersionInfoSizeA, GetFileVersionInfoW, GetFileVersionInfoSizeW
> WINSPOOL.DRV: GetPrinterDriverDirectoryA
( 0 exports ) Und nochmal ein grosses Danke an dich!!! |