HiJackThis Log-File IExplorer öffnet Werbung!!!

Basti1980 · 31.05.2008, 18:59

C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\soft chic meet great\Great long.exe

Datei Great_long.exe empfangen 2008.05.31 19:50:33 (CET)
Antivirus Version letzte aktualisierung Ergebnis
AhnLab-V3 2008.5.30.1 2008.05.30 -
AntiVir 7.8.0.25 2008.05.30 -
Authentium 5.1.0.4 2008.05.31 W32/Swizzor.D.gen!Eldorado
Avast 4.8.1195.0 2008.05.31 -
AVG 7.5.0.516 2008.05.31 -
BitDefender 7.2 2008.05.31 -
CAT-QuickHeal 9.50 2008.05.31 -
ClamAV 0.92.1 2008.05.31 -
DrWeb 4.44.0.09170 2008.05.31 -
eSafe 7.0.15.0 2008.05.29 -
eTrust-Vet 31.4.5837 2008.05.30 -
Ewido 4.0 2008.05.31 -
F-Prot 4.4.4.56 2008.05.31 W32/Swizzor.D.gen!Eldorado
F-Secure 6.70.13260.0 2008.05.31 -
Fortinet 3.14.0.0 2008.05.31 -
GData 2.0.7306.1023 2008.05.31 -
Ikarus T3.1.1.26.0 2008.05.31 -
Kaspersky 7.0.0.125 2008.05.31 -
McAfee 5307 2008.05.30 -
Microsoft 1.3520 2008.05.31 -
NOD32v2 3149 2008.05.31 -
Norman 5.80.02 2008.05.30 -
Panda 9.0.0.4 2008.05.31 -
Prevx1 V2 2008.05.31 -
Rising 20.46.52.00 2008.05.31 -
Sophos 4.29.0 2008.05.31 -
Sunbelt 3.0.1139.1 2008.05.29 -
Symantec 10 2008.05.31 -
VBA32 3.12.6.6 2008.05.31 -
VirusBuster 4.3.26:9 2008.05.31 -
Webwasher-Gateway 6.6.2 2008.05.30 -
weitere Informationen
File size: 3468288 bytes
MD5...: bd44cbed40e6800fedf58e95234e2651
SHA1..: 5bacdf22f9fe7b880055b7ea56185acfe7ac2026
SHA256: 76b5b7015d5c871e28afed01cb3205f126603719428e050888fe43eefe8bb857
SHA512: 47defed615d6277cd64d469a73fabdcb1faafef3e2a056b4ed10dbd472accaea 6260d6a5dc3555a06dbe9d795b4e47e528d996837a609edb6887e7604a990229
PEiD..: -
PEInfo: PE Structure information ( base data ) entrypointaddress.: 0x40fcb7 timedatestamp.....: 0x47190d35 (Fri Oct 19 20:01:57 2007) machinetype.......: 0x14c (I386) ( 4 sections ) name viradd virsiz rawdsiz ntrpy md5 .text 0x1000 0x1d609 0x1d800 6.05 68de3bbbebbd7f5c94c720c94a5d5c4f .rdata 0x1f000 0x6c9c 0x1c00 5.10 ad87c760c784eb1391e684745903fc61 .data 0x26000 0x32c0a4 0x32da00 8.00 7f2ba54104996483c5170e8ccf46ea29 .rsrc 0x353000 0x19e4 0x1a00 3.51 15de54bcdb8a3e737fcc8ab3e5c7ad7d ( 6 imports ) > SHELL32.dll: DragQueryFile > WININET.dll: InternetCombineUrlA, GopherGetLocatorTypeW, UrlZonesDetach, InternetOpenUrlW, InternetGetCookieA > comdlg32.dll: FindTextW, ChooseFontW > ADVAPI32.dll: LogonUserW, DuplicateToken, CreateServiceW, LookupSecurityDescriptorPartsA, RegSetKeySecurity, RegFlushKey, RegConnectRegistryW > USER32.dll: IsCharUpperA, BeginPaint > KERNEL32.dll: GetStartupInfoA, GetCommandLineA, TerminateProcess, GetLastError, GetUserDefaultLCID, UnhandledExceptionFilter, TlsAlloc, GetEnvironmentStringsW, GetOEMCP, InterlockedExchange, VirtualFree, DeleteCriticalSection, GetStartupInfoW, EnterCriticalSection, GetModuleHandleA, GetCurrentThread, GetDateFormatA, VirtualAlloc, GetVersionExA, CompareStringW, TlsGetValue, GetStdHandle, IsBadWritePtr, GetModuleFileNameA, SetEnvironmentVariableA, VirtualProtect, TlsSetValue, GetLocaleInfoW, WriteFile, GetEnvironmentStrings, GetCPInfo, GetTickCount, GetSystemInfo, FreeEnvironmentStringsA, TlsFree, IsValidLocale, GetLocaleInfoA, RtlUnwind, HeapAlloc, CreateProcessW, HeapSize, GetCommandLineW, HeapReAlloc, GetTimeFormatA, GetCurrentProcess, GetProcAddress, GetStringTypeW, VirtualQuery, InitializeCriticalSection, MultiByteToWideChar, EnumSystemLocalesA, WideCharToMultiByte, GetCurrentProcessId, CompareStringA, GetSystemTimeAsFileTime, LoadLibraryA, GetCurrentThreadId, SetLastError, ExitProcess, SetHandleCount, LCMapStringW, LeaveCriticalSection, HeapFree, GetStringTypeA, FreeEnvironmentStringsW, LCMapStringA, HeapDestroy, GetTimeZoneInformation, GetFileType, HeapCreate, QueryPerformanceCounter, GetACP, GetModuleFileNameW, IsValidCodePage ( 0 exports ) 

C:\DOKUME~1\Batze\ANWEND~1\CLOSEP~1\okaydeaf.exe

Datei okaydeaf.exe empfangen 2008.05.31 19:55:54 (CET)
Antivirus Version letzte aktualisierung Ergebnis
AhnLab-V3 2008.5.30.1 2008.05.30 -
AntiVir 7.8.0.25 2008.05.30 -
Authentium 5.1.0.4 2008.05.31 W32/Swizzor.D.gen!Eldorado
Avast 4.8.1195.0 2008.05.31 -
AVG 7.5.0.516 2008.05.31 -
BitDefender 7.2 2008.05.31 -
CAT-QuickHeal 9.50 2008.05.31 -
ClamAV 0.92.1 2008.05.31 -
DrWeb 4.44.0.09170 2008.05.31 Trojan.Swizzor.based
eSafe 7.0.15.0 2008.05.29 -
eTrust-Vet 31.4.5837 2008.05.30 -
Ewido 4.0 2008.05.31 -
F-Prot 4.4.4.56 2008.05.31 W32/Swizzor.D.gen!Eldorado
F-Secure 6.70.13260.0 2008.05.31 -
Fortinet 3.14.0.0 2008.05.31 -
GData 2.0.7306.1023 2008.05.31 -
Ikarus T3.1.1.26.0 2008.05.31 -
Kaspersky 7.0.0.125 2008.05.31 -
McAfee 5307 2008.05.30 -
Microsoft 1.3520 2008.05.31 -
NOD32v2 3149 2008.05.31 -
Norman 5.80.02 2008.05.30 -
Panda 9.0.0.4 2008.05.31 -
Prevx1 V2 2008.05.31 -
Rising 20.46.52.00 2008.05.31 -
Sophos 4.29.0 2008.05.31 -
Sunbelt 3.0.1139.1 2008.05.29 -
Symantec 10 2008.05.31 Adware.Lop
VBA32 3.12.6.6 2008.05.31 -
VirusBuster 4.3.26:9 2008.05.31 -
Webwasher-Gateway 6.6.2 2008.05.30 -
weitere Informationen
File size: 445952 bytes
MD5...: 5c9295ab7c912fa140168be0c5a3e828
SHA1..: 7f8fcd9395c0831ab8ac790568bd981607c66dbd
SHA256: e2d5e3fb18bc97556433df50d4d290771bf53a4d65ade335b9b3b3d3c8afed3c
SHA512: 760b26238acbff8ce74caacb2cc1bbc6e6d1e98ea55130e06914f7681077d2ca 34abd8c14a0c213add4edfb7c23ac9b20ed0a7e6ed78c0568cbae7d5a40828ce
PEiD..: -
PEInfo: PE Structure information ( base data ) entrypointaddress.: 0x40d314 timedatestamp.....: 0x472c77c2 (Sat Nov 03 13:29:38 2007) machinetype.......: 0x14c (I386) ( 4 sections ) name viradd virsiz rawdsiz ntrpy md5 .text 0x1000 0x2507d 0x25200 6.06 95f7f89db621d116e44c3122ffb2d6d9 .rdata 0x27000 0x5d80 0x1e00 5.18 9450cbe7c7b2b2ffc4c8cae81a400c79 .data 0x2d000 0x452e0 0x45400 7.86 a4c0dacb696ee0c6cd6b1594df2eaa99 .rsrc 0x73000 0x4f8 0x600 2.65 a647153302f49c58ce68be6e75c1c3b4 ( 4 imports ) > USER32.dll: DestroyMenu > ADVAPI32.dll: RegLoadKeyA, RevertToSelf, CryptSignHashA, CryptAcquireContextA, CryptSetProvParam, LookupSecurityDescriptorPartsA, RegSetKeySecurity, CryptExportKey, RegCreateKeyA, CreateServiceA, GetUserNameW, RegSetValueW, CryptSetProviderExW, CryptEncrypt, CryptGetDefaultProviderW, RegOpenKeyW > KERNEL32.dll: QueryPerformanceCounter, VirtualQuery, LCMapStringA, TlsSetValue, GetLocaleInfoA, GetModuleHandleA, GetTimeFormatA, GetProcAddress, FreeEnvironmentStringsA, VirtualFree, GetStringTypeA, GetLogicalDriveStringsW, WriteFile, HeapSize, CompareStringA, HeapAlloc, GetCurrentProcess, GetCurrentThread, LoadLibraryA, EnumSystemLocalesA, TlsFree, GetLastError, LocalFree, HeapReAlloc, SetTimeZoneInformation, RtlUnwind, VirtualAlloc, HeapCreate, DeleteCriticalSection, lstrcmp, lstrcat, IsValidCodePage, MultiByteToWideChar, CompareStringW, WritePrivateProfileSectionW, GetTickCount, HeapDestroy, GetACP, EnterCriticalSection, GetCPInfo, GetModuleFileNameA, GetStringTypeW, TerminateProcess, GetStartupInfoA, TlsAlloc, GetSystemInfo, GetCurrentThreadId, HeapFree, WideCharToMultiByte, SetLocaleInfoA, GetVersionExA, GetTimeZoneInformation, GetDateFormatA, VirtualProtect, LCMapStringW, InterlockedExchange, GetUserDefaultLCID, GetCommandLineA, GetCurrentProcessId, SetLastError, GetLocaleInfoW, GetFileType, ExitProcess, GetStdHandle, GetEnvironmentVariableW, GetProcessShutdownParameters, FillConsoleOutputAttribute, SetHandleCount, GetEnvironmentStrings, SetConsoleCursorInfo, InitializeCriticalSection, IsBadWritePtr, GetConsoleCP, FreeEnvironmentStringsW, GetSystemTimeAsFileTime, UnhandledExceptionFilter, SetEnvironmentVariableA, IsValidLocale, GetOEMCP, GetStringTypeExA, GetCurrencyFormatA, CopyFileExA, GetEnvironmentStringsW, TlsGetValue, OpenSemaphoreA, LeaveCriticalSection, OpenWaitableTimerW, WriteConsoleW > SHELL32.dll: DoEnvironmentSubstW, SheChangeDirExW, DragAcceptFiles, DragQueryFileAorW, DragQueryPoint ( 0 exports ) 

ich nehme jetzt mal ganz stark an das die beiden Dateien Viren bzw. Trojaner sind...

HiJackThis Log-File IExplorer öffnet Werbung!!!

Mülltonne: HiJackThis Log-File IExplorer öffnet Werbung!!!

HiJackThis Log-File IExplorer öffnet Werbung!!!

Ähnliche Themen: HiJackThis Log-File IExplorer öffnet Werbung!!!