Internetgamebox Trojaner?!

t0m_6

Und hier auch gleich das ergebnis vom 2. Punkt:


Datei PLFSetL.exe empfangen 2009.01.18 10:14:02 (CET)
Status: Beendet
Ergebnis: 0/39 (0.00%)

Antivirus Version letzte aktualisierung Ergebnis
a-squared 4.0.0.73 2009.01.18 -
AhnLab-V3 2009.1.15.0 2009.01.17 -
AntiVir 7.9.0.57 2009.01.17 -
Authentium 5.1.0.4 2009.01.17 -
Avast 4.8.1281.0 2009.01.16 -
AVG 8.0.0.229 2009.01.17 -
BitDefender 7.2 2009.01.18 -
CAT-QuickHeal 10.00 2009.01.17 -
ClamAV 0.94.1 2009.01.18 -
Comodo 935 2009.01.18 -
DrWeb 4.44.0.09170 2009.01.18 -
eSafe 7.0.17.0 2009.01.15 -
eTrust-Vet 31.6.6312 2009.01.17 -
F-Prot 4.4.4.56 2009.01.17 -
F-Secure 8.0.14470.0 2009.01.18 -
Fortinet 3.117.0.0 2009.01.15 -
GData 19 2009.01.18 -
Ikarus T3.1.1.45.0 2009.01.18 -
K7AntiVirus 7.10.594 2009.01.17 -
Kaspersky 7.0.0.125 2009.01.18 -
McAfee 5498 2009.01.17 -
McAfee+Artemis 5498 2009.01.17 -
Microsoft 1.4205 2009.01.18 -
NOD32 3774 2009.01.17 -
Norman 5.93.01 2009.01.16 -
nProtect 2009.1.8.0 2009.01.16 -
Panda 9.5.1.2 2009.01.17 -
PCTools 4.4.2.0 2009.01.17 -
Prevx1 V2 2009.01.18 -
Rising 21.12.62.00 2009.01.18 -
SecureWeb-Gateway 6.7.6 2009.01.17 -
Sophos 4.37.0 2009.01.18 -
Sunbelt 3.2.1835.2 2009.01.16 -
Symantec 10 2009.01.18 -
TheHacker 6.3.1.5.222 2009.01.17 -
TrendMicro 8.700.0.1004 2009.01.16 -
VBA32 3.12.8.10 2009.01.17 -
ViRobot 2009.1.17.1563 2009.01.17 -
VirusBuster 4.5.11.0 2009.01.17 -
weitere Informationen
File size: 94208 bytes
MD5...: fb1eeab5a76a943060defa4ccc45143b
SHA1..: 2c192d971a924f8476839ee9da767fcb0d2fcc1c
SHA256: 45ab4ad74f7eb195ea032888be2507da9d0fc2b0a371a397ee6d5dec9f1e0ade
SHA512: 05bf74507982e479d93c667fadaf644a5235fed40e08f19042d4d6259fbcc71c
4b3028fbabfa28d5ebe5810fcb69708d8761fddf9a266067938c31ad65697e3f
ssdeep: 1536:4WEx9xR3PnXTTC7S686EX5B8K6cnHcj0Kq1LcBaoJji15F:4WUr3PXy8DXD
8q8j0Kq1L/oJjsF
PEiD..: Armadillo v1.71
TrID..: File type identification
Win64 Executable Generic (54.6%)
Win32 Executable MS Visual C++ (generic) (24.0%)
Windows Screen Saver (8.3%)
Win32 Executable Generic (5.4%)
Win32 Dynamic Link Library (generic) (4.8%)
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x4029f8
timedatestamp.....: 0x468cc988 (Thu Jul 05 10:35:52 2007)
machinetype.......: 0x14c (I386)

( 4 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0xe5ce 0xf000 6.39 e7d277c33c5fb5a80bf00c4d59925d28
.rdata 0x10000 0x3a76 0x4000 4.62 e4ca8a992407a30c7aee227f587fa5eb
.data 0x14000 0x498c 0x2000 2.10 87f6edc9abcbd6d1d637559ea8f428cc
.rsrc 0x19000 0x3d8 0x1000 1.00 b580f5f9b446355fc88942b8a75b9b77

( 8 imports )
> KERNEL32.dll: GetCurrentThreadId, lstrcmpA, GetModuleHandleA, GlobalDeleteAtom, GlobalFindAtomA, GlobalAddAtomA, GlobalGetAtomNameA, FreeLibrary, GetProcessVersion, GlobalFlags, GetCPInfo, GetOEMCP, RtlUnwind, GetStartupInfoA, GetCommandLineA, ExitProcess, HeapAlloc, FileTimeToLocalFileTime, RaiseException, GetTimeZoneInformation, GetACP, HeapSize, HeapReAlloc, TerminateProcess, UnhandledExceptionFilter, FreeEnvironmentStringsA, FreeEnvironmentStringsW, GetEnvironmentStrings, GetEnvironmentStringsW, SetHandleCount, GetStdHandle, GetFileType, HeapDestroy, HeapCreate, VirtualFree, VirtualAlloc, IsBadWritePtr, LCMapStringA, LCMapStringW, SetUnhandledExceptionFilter, GetStringTypeA, GetStringTypeW, IsBadReadPtr, IsBadCodePtr, SetStdHandle, CompareStringA, CompareStringW, SetEnvironmentVariableA, FileTimeToSystemTime, TlsGetValue, LocalReAlloc, TlsSetValue, GlobalAlloc, GlobalReAlloc, GlobalLock, GlobalHandle, GlobalUnlock, GlobalFree, TlsAlloc, LocalFree, LocalAlloc, EnterCriticalSection, LeaveCriticalSection, DeleteCriticalSection, GetVersion, InitializeCriticalSection, lstrcatA, SetLastError, InterlockedDecrement, InterlockedIncrement, GetFileTime, GetFileSize, GetFileAttributesA, GetModuleFileNameA, lstrcmpiA, GetFullPathNameA, lstrcpynA, GetVolumeInformationA, FindFirstFileA, FindClose, lstrcpyA, lstrlenA, MultiByteToWideChar, LoadLibraryA, GetProcAddress, SetEndOfFile, UnlockFile, LockFile, CloseHandle, FlushFileBuffers, SetFilePointer, WriteFile, ReadFile, CreateFileA, GetCurrentProcess, DuplicateHandle, GetLastError, lstrcpyW, WideCharToMultiByte, GetWindowsDirectoryA, GetSystemDefaultLCID, HeapFree, Sleep
> ADVAPI32.dll: RegSetValueExA, RegCloseKey, RegOpenKeyExA, RegQueryValueExA
> ole32.dll: CoInitialize, CoUninitialize, CoCreateInstance
> COMCTL32.dll: -
> USER32.dll: GetTopWindow, CopyRect, GetClientRect, AdjustWindowRectEx, SetFocus, GetSysColor, MapWindowPoints, PostMessageA, LoadIconA, SetWindowTextA, LoadCursorA, GetSysColorBrush, ReleaseDC, GetDC, GetClassNameA, PtInRect, ClientToScreen, PostQuitMessage, DestroyMenu, TabbedTextOutA, DrawTextA, GrayStringA, GetCapture, WinHelpA, GetClassInfoA, RegisterClassA, GetMenu, GetMenuItemCount, GetSubMenu, GetMenuItemID, GetDlgItem, GetWindowTextA, GetDlgCtrlID, DefWindowProcA, DestroyWindow, CreateWindowExA, GetClassLongA, SetPropA, GetPropA, CallWindowProcA, RemovePropA, GetMessageTime, GetMessagePos, GetForegroundWindow, SetForegroundWindow, GetWindow, SetWindowLongA, SetWindowPos, RegisterWindowMessageA, SystemParametersInfoA, IsIconic, GetWindowPlacement, GetWindowRect, GetMenuCheckMarkDimensions, LoadBitmapA, GetMenuState, ModifyMenuA, SetMenuItemBitmaps, EnableMenuItem, GetFocus, GetNextDlgTabItem, DispatchMessageA, GetKeyState, CallNextHookEx, PeekMessageA, SetWindowsHookExA, GetParent, GetLastActivePopup, IsWindowEnabled, GetWindowLongA, SendMessageA, MessageBoxA, EnableWindow, LoadStringA, UnhookWindowsHookEx, GetSystemMetrics, CharUpperA, CheckMenuItem
> GDI32.dll: GetClipBox, DeleteObject, GetDeviceCaps, DeleteDC, SaveDC, RestoreDC, SelectObject, GetStockObject, SetMapMode, SetViewportOrgEx, OffsetViewportOrgEx, SetViewportExtEx, ScaleViewportExtEx, SetWindowExtEx, ScaleWindowExtEx, GetObjectA, SetTextColor, PtVisible, RectVisible, TextOutA, ExtTextOutA, Escape, CreateBitmap, SetBkColor
> WINSPOOL.DRV: ClosePrinter, DocumentPropertiesA, OpenPrinterA
> comdlg32.dll: GetFileTitleA

( 0 exports )
ThreatExpert info: http://www.threatexpert.com/report.aspx?md5=fb1eeab5a76a943060defa4ccc45143b