So, I scanned twice with Prevx CSI, but I couldn't delete anything there,
and I also have a problem with VirusTotal: 2 of the 4 paths you gave me don't exist (I also tried the search function and also pasted them in directly, without success).
The other two worked. Here is the data
from: C:\Programme\PermissionResearch\prls.dll Quote:
Antivirus Version letzte aktualisierung Ergebnis
a-squared 4.0.0.101 2009.04.06 -
AntiVir 7.9.0.138 2009.04.06 -
Antiy-AVL 2.0.3.1 2009.04.06 -
Authentium 5.1.2.4 2009.04.05 -
Avast 4.8.1335.0 2009.04.06 -
AVG 8.5.0.285 2009.04.06 -
CAT-QuickHeal 10.00 2009.04.06 -
ClamAV 0.94.1 2009.04.06 -
Comodo 1101 2009.04.06 -
DrWeb 4.44.0.09170 2009.04.06 -
eSafe 7.0.17.0 2009.04.06 -
eTrust-Vet 31.6.6435 2009.04.03 -
F-Prot 4.4.4.56 2009.04.05 -
F-Secure 8.0.14470.0 2009.04.06 -
Fortinet 3.117.0.0 2009.04.06 Misc/Oss
GData 19 2009.04.06 -
Ikarus T3.1.1.49.0 2009.04.06 -
K7AntiVirus 7.10.694 2009.04.06 -
Kaspersky 7.0.0.125 2009.04.06 -
McAfee 5575 2009.04.05 potentially unwanted program Proxy-OSS
McAfee+Artemis 5575 2009.04.05 potentially unwanted program Proxy-OSS
McAfee-GW-Edition 6.7.6 2009.04.06 -
Microsoft 1.4502 2009.04.06 -
NOD32 3989 2009.04.06 -
Norman 6.00.06 2009.04.06 -
Prevx1 V2 2009.04.06 -
Rising 21.23.41.00 2009.04.03 Backdoor.Win32.VB.epo
Sophos 4.40.0 2009.04.06 -
Sunbelt 3.2.1858.2 2009.04.04 -
TheHacker 6.3.4.0.302 2009.04.06 -
TrendMicro 8.700.0.1004 2009.04.06 -
ViRobot 2009.4.6.1680 2009.04.06 -
VirusBuster 4.6.5.0 2009.04.05 -
Datei: prls.dll
weitere Informationen
File size: 376832 bytes
MD5...: b520c6393ddee88869b6c71e2e97dc2e
SHA1..: 5d0bae573c9109030ca56903e2c5bee892b0baa8
SHA256: 24273160e6014de5da622cb14c1a0ed8e53e46ecb545b71280ed2a04272f2aac
SHA512: 5535c5a84fd9749d5ef0d1b7ed1589923fc981740d26acc5580cca91ee6baeb7791a58271fd9aad3bab6a53ea52d1c47583a7d7b58561d753e79e72089be0219
ssdeep: 6144:LTGaYDjgaM052q4Z7x7p+oDOAtXXAlIHeC00IoDsmOmbU4JPd/Klob2/yiE0TA:LTH4jgaM052q4Z7x7prOoXQllClJ7JP9
PEiD..: -
TrID..: File type identification
Win32 Executable Generic (68.0%)
Generic Win/DOS Executable (15.9%)
DOS Executable Generic (15.9%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
RDS...: NSRL Reference Data Set
And from: C:\windows\system32\eeekp.dll Quote:
Antivirus Version letzte aktualisierung Ergebnis
a-squared 4.0.0.101 2009.04.06 Backdoor.Win32.Haxdoor!IK
AhnLab-V3 5.0.0.2 2009.04.06 -
AntiVir 7.9.0.138 2009.04.06 TR/Rootkit.Gen
Antiy-AVL 2.0.3.1 2009.04.06 -
Authentium 5.1.2.4 2009.04.05 -
Avast 4.8.1335.0 2009.04.06 Win32:Haxdoor-JV
AVG 8.5.0.285 2009.04.06 PSW.Generic6.BFHG
BitDefender 7.2 2009.04.06 Trojan.Spy.Goldun.NCN
CAT-QuickHeal 10.00 2009.04.06 TrojanDropper.Agent.ahuk
ClamAV 0.94.1 2009.04.06 -
Comodo 1101 2009.04.06 -
DrWeb 4.44.0.09170 2009.04.06 -
eSafe 7.0.17.0 2009.04.06 Win32.TRRootkit
eTrust-Vet 31.6.6435 2009.04.03 Win32/ProcHide!generic
F-Prot 4.4.4.56 2009.04.05 -
F-Secure 8.0.14470.0 2009.04.06 Trojan-Spy.Win32.Goldun.bxv
Fortinet 3.117.0.0 2009.04.06 PossibleThreat
GData 19 2009.04.06 Trojan.Spy.Goldun.NCN
Ikarus T3.1.1.49.0 2009.04.06 Backdoor.Win32.Haxdoor
K7AntiVirus 7.10.694 2009.04.06 Trojan-Spy.Win32.Goldun.bxv
Kaspersky 7.0.0.125 2009.04.06 Trojan-Spy.Win32.Goldun.bxv
McAfee 5575 2009.04.05 BackDoor-BAC.gen
McAfee+Artemis 5575 2009.04.05 BackDoor-BAC.gen
McAfee-GW-Edition 6.7.6 2009.04.06 Trojan.Rootkit.Gen
Microsoft 1.4502 2009.04.06 Backdoor:Win32/Haxdoor
NOD32 3989 2009.04.06 a variant of Win32/Spy.Goldun.NDW
Norman 6.00.06 2009.04.06 W32/Rootkit.AKHL
nProtect 2009.1.8.0 2009.04.06 Trojan-Spy/W32.Goldun.8784.B
Panda 10.0.0.14 2009.04.05 Trj/Goldun.NN
PCTools 4.4.2.0 2009.04.06 -
Prevx1 V2 2009.04.06 High Risk Worm
Rising 21.23.41.00 2009.04.03 RootKit.Win32.Agent.eod
Sophos 4.40.0 2009.04.06 Troj/RkGold-Gen
Sunbelt 3.2.1858.2 2009.04.04 Goldun.Fam
Symantec 1.4.4.12 2009.04.06 Trojan.Goldun
TheHacker 6.3.4.0.302 2009.04.06 Trojan/Spy.Goldun.bxv
TrendMicro 8.700.0.1004 2009.04.06 -
VBA32 3.12.10.2 2009.04.06 Trojan-Dropper.Win32.Agent.ahuk
ViRobot 2009.4.6.1680 2009.04.06 -
VirusBuster 4.6.5.0 2009.04.05 -
weitere Informationen
File size: 8784 bytes
MD5...: 2838c4de647dfa705d76de9076380822
SHA1..: e698c434cf29d172cb5543a378db8e3a7704b04b
SHA256: 41a3e791fe4e953fbab0ee9f17f0d1ce42a9036ddc8fa32194a4dae738980329
SHA512: bbd3bea1318a0c199ca6d9d2e6955d944b11f2069f73ed48f5a2b7ab3106bc75f4a581aef43da3f6a003b876c73a471c17556f19771e6c4e5a484e66e55fb809
ssdeep: 192:Latpd2ksZ2YzSFSSXVVlguyxsO6pvYNoM3RHKmAHK2za:Latpd2kF0uyxsXe8N
PEiD..: -
TrID..: File type identification
Generic Win/DOS Executable (49.8%)
DOS Executable Generic (49.8%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.1%)
MS Flight Simulator Aircraft Performance Info (0.0%)
PEInfo: PE Structure information
( base data )
entrypointaddress.: 0x86b
timedatestamp.....: 0x499bfc7a (Wed Feb 18 12:18:02 2009)
machinetype.......: 0x14c (I386)
( 5 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x200 0xab8 0xac0 6.25 60a4eb7a2dca01f7e03c98ddc53b179d
.rdata 0xcc0 0xc0 0xc0 3.27 1859f611d07c7cbe183124bab3f44fa3
.data 0xd80 0xf9f 0xfa0 4.84 0e0863d02792d57199294f6bd4fcfdd3
INIT 0x1d20 0x248 0x250 5.20 23cd9f2bc3ca4381f82c47845e94cc10
.reloc 0x1f70 0x2d6 0x2e0 6.45 5024ff0c59eaa2f2d5ed64089a91ab7b
( 2 imports )
> NDIS.SYS: NdisGetCurrentSystemTime, NdisRegisterProtocol
> ntoskrnl.exe: IoCreateDevice, IoCreateSymbolicLink, IofCompleteRequest, KeServiceDescriptorTable, MmIsAddressValid, IoGetCurrentProcess, ObDereferenceObject, IoGetDeviceObjectPointer, IoCreateFile, IofCallDriver
( 0 exports )
RDS...: NSRL Reference Data Set-
Prevx info: http://info.prevx.com/aboutprogramtext.asp?PX5=9BCE5ABB503AD0E22266005623A6B2000FAACE8C

Should I do anything else there before I start with Avenger?