john.doe | 31.08.2009 19:32 | Mh, du weißt schon, dass wir hier keine geklaute Software unterstützen? Und du weißt auch, das der Hauptverbreitungsweg von Trojaner geklaute Software ist? Was soll ich jetzt mit dir machen? :confused:
Sieh dir das an: Code:
Datei FoxKillerv6.exe empfangen 2009.08.31 17:40:06 (UTC)
Status: Beendet
Ergebnis: 12/39 (30.77%)
Filter
Drucken der Ergebnisse Antivirus Version letzte aktualisierung Ergebnis
a-squared 4.5.0.24 2009.08.31 Riskware.Hacktool.AnyDVD!IK
AhnLab-V3 5.0.0.2 2009.08.31 -
Antiy-AVL 2.0.3.7 2009.08.31 -
Authentium 5.1.2.4 2009.08.31 W32/Heuristic-210!Eldorado
Avast 4.8.1335.0 2009.08.31 -
AVG 8.5.0.406 2009.08.31 -
BitDefender 7.2 2009.08.31 Trojan.Generic.IS.598318
CAT-QuickHeal 10.00 2009.08.31 -
ClamAV 0.94.1 2009.08.31 Trojan.Qhost-165
Comodo 2124 2009.08.31 -
DrWeb 5.0.0.12182 2009.08.31 -
eSafe 7.0.17.0 2009.08.31 Suspicious File
eTrust-Vet 31.6.6712 2009.08.31 -
F-Prot 4.5.1.85 2009.08.31 -
F-Secure 8.0.14470.0 2009.08.31 -
Fortinet 3.120.0.0 2009.08.31 PossibleThreat
GData 19 2009.08.31 Trojan.Generic.IS.598318
Ikarus T3.1.1.68.0 2009.08.31 not-a-virus.Hacktool.AnyDVD
K7AntiVirus 7.10.832 2009.08.31 Trojan.Win32.Malware.3
Kaspersky 7.0.0.125 2009.08.31 -
McAfee 5726 2009.08.31 -
McAfee+Artemis 5726 2009.08.31 Artemis!44B27D16E373
McAfee-GW-Edition 6.8.5 2009.08.31 -
Microsoft 1.5005 2009.08.31 -
NOD32 4385 2009.08.31 -
Norman 2009.08.31 -
nProtect 2009.1.8.0 2009.08.31 -
Panda 10.0.2.2 2009.08.31 -
PCTools 4.4.2.0 2009.08.31 -
Prevx 3.0 2009.08.31 High Risk Worm
Rising 21.45.04.00 2009.08.31 -
Sophos 4.45.0 2009.08.31 -
Sunbelt 3.2.1858.2 2009.08.31 -
Symantec 1.4.4.12 2009.08.31 -
TheHacker 6.3.4.3.393 2009.08.31 -
TrendMicro 8.950.0.1094 2009.08.30 DDOS_YFLOOD.B
VBA32 3.12.10.10 2009.08.31 -
ViRobot 2009.8.31.1909 2009.08.31 -
VirusBuster 4.6.5.0 2009.08.31 -
weitere Informationen
File size: 2370715 bytes
MD5...: 44b27d16e373eba88fa77051ae47c47c
SHA1..: e5111c6d2fa136907fb86ef3bef609a4e8ce4e3e
SHA256: 036d46cf4bb13450a1a6a14ad381c1b38fbc263c1b1535996eec6a1756a4a590
ssdeep: 49152:Hf9jMsdFPhZ2HMqqa2sMhJbLpWf19YIUM+ZHbxpdQ:HJ7FPT2HZqhJbxId
+ZH/i
PEiD..: -
PEInfo: PE Structure information
( base data )
entrypointaddress.: 0x165f6
timedatestamp.....: 0x45d5c988 (Fri Feb 16 15:11:04 2007)
machinetype.......: 0x14c (I386)
( 4 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x2da66 0x2e000 6.60 cda93bc56e03b42896ef2c26cb477572
.rdata 0x2f000 0x83d6 0x9000 4.54 ec88e83f51ac8a91b931242fca59485d
.data 0x38000 0x9cc8 0x6000 2.68 7cfdc2a7f7ca5fb401057ef05f0dffbd
.rsrc 0x42000 0x2a958 0x2b000 4.25 833cd2a99c272fd5ef9c8647391c2ea0
( 8 imports )
> KERNEL32.dll: WritePrivateProfileStringA, GetProcessVersion, SizeofResource, GetCPInfo, GetOEMCP, SetErrorMode, RtlUnwind, ExitProcess, TerminateProcess, HeapFree, HeapAlloc, RaiseException, GetTimeZoneInformation, GetSystemTime, GetLocalTime, HeapReAlloc, SetEnvironmentVariableA, SetCurrentDirectoryA, GetStartupInfoA, GetCommandLineA, GetACP, HeapSize, LCMapStringA, LCMapStringW, GetEnvironmentVariableA, GetVersionExA, HeapDestroy, VirtualFree, VirtualAlloc, IsBadWritePtr, SetUnhandledExceptionFilter, CompareStringA, CompareStringW, GetFileType, SetStdHandle, UnhandledExceptionFilter, FreeEnvironmentStringsA, FreeEnvironmentStringsW, GetEnvironmentStrings, GetEnvironmentStringsW, SetHandleCount, GetStdHandle, GetStringTypeA, GetStringTypeW, IsBadReadPtr, IsBadCodePtr, GlobalFlags, TlsGetValue, GetProfileStringA, LocalReAlloc, TlsSetValue, GlobalReAlloc, TlsFree, GlobalHandle, TlsAlloc, LocalAlloc, EnterCriticalSection, LeaveCriticalSection, DeleteCriticalSection, InitializeCriticalSection, SetFileTime, SystemTimeToFileTime, LocalFileTimeToFileTime, GetFileTime, SetEndOfFile, UnlockFile, LockFile, FlushFileBuffers, WriteFile, GetCurrentProcess, DuplicateHandle, MulDiv, SetLastError, LoadLibraryA, FreeLibrary, GetVersion, lstrcatA, GlobalGetAtomNameA, GlobalAddAtomA, GlobalFindAtomA, GetModuleHandleA, GetProcAddress, GlobalUnlock, GlobalFree, LockResource, FindResourceA, LoadResource, GlobalLock, GlobalAlloc, GlobalDeleteAtom, lstrcmpiA, GetCurrentThread, GetCurrentThreadId, lstrcmpA, FileTimeToSystemTime, MultiByteToWideChar, WideCharToMultiByte, InterlockedDecrement, CreateDirectoryA, MoveFileA, SetVolumeLabelA, GetDriveTypeA, GetCurrentDirectoryA, GetFileSize, GetDiskFreeSpaceA, FormatMessageA, LocalFree, CreateFileMappingA, MapViewOfFile, UnmapViewOfFile, lstrlenA, CreateProcessA, GetLastError, GetExitCodeProcess, GetTempPathA, GetModuleFileNameA, RemoveDirectoryA, SetFileAttributesA, DeleteFileA, InterlockedIncrement, FindNextFileA, CreateFileA, SetFilePointer, ReadFile, CloseHandle, GetFullPathNameA, lstrcpynA, GetVolumeInformationA, GetFileAttributesA, lstrcpyA, FindFirstFileA, FindClose, FileTimeToLocalFileTime, HeapCreate
> USER32.dll: ScreenToClient, AdjustWindowRectEx, GetSysColor, MapWindowPoints, UpdateWindow, ClientToScreen, GetWindowDC, BeginPaint, EndPaint, TabbedTextOutA, DrawTextA, GrayStringA, LoadStringA, GetClassNameA, PtInRect, GetSysColorBrush, InflateRect, DestroyMenu, InvalidateRect, WinHelpA, GetClassInfoA, RegisterClassA, GetMenu, GetMenuItemCount, GetSubMenu, GetMenuItemID, DefWindowProcA, CreateWindowExA, GetClassLongA, SetPropA, GetPropA, CallWindowProcA, RemovePropA, GetMessageTime, GetMessagePos, GetForegroundWindow, SetForegroundWindow, GetWindow, OffsetRect, IntersectRect, SystemParametersInfoA, GetWindowPlacement, GetWindowRect, CopyRect, GetDC, ReleaseDC, EndDialog, SetActiveWindow, CreateDialogIndirectParamA, DestroyWindow, GetMenuCheckMarkDimensions, LoadBitmapA, GetMenuState, ModifyMenuA, SetMenuItemBitmaps, CheckMenuItem, EnableMenuItem, GetNextDlgTabItem, GetMessageA, GetActiveWindow, GetKeyState, CallNextHookEx, ValidateRect, IsWindowVisible, GetCursorPos, SetWindowsHookExA, GetLastActivePopup, UnhookWindowsHookEx, GetParent, SetFocus, IsWindowEnabled, ShowWindow, SetWindowPos, SetWindowLongA, GetDlgCtrlID, GetWindowTextLengthA, GetWindowTextA, SetWindowTextA, GetWindowLongA, IsDialogMessageA, SendDlgItemMessageA, GetDlgItem, CharUpperA, IsWindow, PostQuitMessage, UnregisterClassA, HideCaret, ShowCaret, CharToOemBuffA, OemToCharBuffA, wsprintfA, MsgWaitForMultipleObjects, TranslateMessage, DispatchMessageA, MessageBoxA, GetTopWindow, RegisterWindowMessageA, GetCapture, EnableWindow, LoadCursorA, SetCursor, IsIconic, GetSystemMetrics, GetClientRect, DrawIcon, PostMessageA, LoadIconA, SendMessageA, PeekMessageA, IsWindowUnicode, CharNextA, DefDlgProcA, DrawFocusRect, ExcludeUpdateRgn, GetFocus
> GDI32.dll: SetMapMode, SetViewportOrgEx, OffsetViewportOrgEx, SetViewportExtEx, ScaleViewportExtEx, SetWindowExtEx, ScaleWindowExtEx, IntersectClipRect, DeleteObject, GetDeviceCaps, CreateSolidBrush, PtVisible, RectVisible, TextOutA, ExtTextOutA, Escape, SetBkMode, GetStockObject, SelectObject, RestoreDC, SaveDC, DeleteDC, GetObjectA, SetBkColor, SetTextColor, GetClipBox, PatBlt, CreateDIBitmap, GetTextExtentPointA, BitBlt, CreateCompatibleDC, CreateBitmap
> comdlg32.dll: GetFileTitleA
> WINSPOOL.DRV: DocumentPropertiesA, ClosePrinter, OpenPrinterA
> ADVAPI32.dll: RegCloseKey, RegCreateKeyExA, RegOpenKeyExA, RegSetValueExA
> SHELL32.dll: SHFileOperationA
> COMCTL32.dll: -
( 0 exports )
RDS...: NSRL Reference Data Set
-
pdfid.: -
trid..: Win32 Executable MS Visual C++ (generic) (65.2%)
Win32 Executable Generic (14.7%)
Win32 Dynamic Link Library (generic) (13.1%)
Generic Win/DOS Executable (3.4%)
DOS Executable Generic (3.4%)
ThreatExpert info: <a href='http://www.threatexpert.com/report.aspx?md5=44b27d16e373eba88fa77051ae47c47c' target='_blank'>http://www.threatexpert.com/report.aspx?md5=44b27d16e373eba88fa77051ae47c47c</a>
packers (Kaspersky): PE_Patch.RLPack, RLPack, Swf2Swc
packers (F-Prot): ZIP, RLPack
packers (Authentium): ZIP, RLPack
<a href='http://info.prevx.com/aboutprogramtext.asp?PX5=292645979B73AC912C41243C88FB3400CF1C9E16' target='_blank'>http://info.prevx.com/aboutprogramtext.asp?PX5=292645979B73AC912C41243C88FB3400CF1C9E16</a> Und jetzt das => ThreatExpert Report: Mal/Generic-A
Und jetzt klicke auf den dritten Link in meiner Signatur. Da steht: Zitat:
Software aus dubiosen Quellen wie Freunde, Edonkey, Warez-Seiten sollte man nicht einmal mit der Kneifzange anfassen.
| Solange du diese einfache Regel nicht befolgst, wirst du auch weiterhin Probleme mit Schädlingen haben.
Deshalb => http://www.trojaner-board.de/51262-a...sicherung.html
Du bist entlassen und ich bin raus,
andreas |