C:\Lon\LonWorks\bin\LnsMtsSvc.exe Code:
Datei LnsMtsSvc.exe empfangen 2008.08.18 13:00:29 (CET)
Status: Beendet
Ergebnis: 0/36 (0%)
Antivirus Version letzte aktualisierung Ergebnis
AhnLab-V3 2008.8.15.0 2008.08.18 -
AntiVir 7.8.1.19 2008.08.18 -
Authentium 5.1.0.4 2008.08.18 -
Avast 4.8.1195.0 2008.08.17 -
AVG 8.0.0.161 2008.08.18 -
BitDefender 7.2 2008.08.18 -
CAT-QuickHeal 9.50 2008.08.16 -
ClamAV 0.93.1 2008.08.18 -
DrWeb 4.44.0.09170 2008.08.18 -
eSafe 7.0.17.0 2008.08.17 -
eTrust-Vet 31.6.6035 2008.08.15 -
Ewido 4.0 2008.08.18 -
F-Prot 4.4.4.56 2008.08.18 -
F-Secure 7.60.13501.0 2008.08.18 -
Fortinet 3.14.0.0 2008.08.18 -
GData 2.0.7306.1023 2008.08.18 -
Ikarus T3.1.1.34.0 2008.08.18 -
K7AntiVirus 7.10.417 2008.08.18 -
Kaspersky 7.0.0.125 2008.08.18 -
McAfee 5362 2008.08.15 -
Microsoft 1.3807 2008.08.18 -
NOD32v2 3364 2008.08.18 -
Norman 5.80.02 2008.08.15 -
Panda 9.0.0.4 2008.08.17 -
PCTools 4.4.2.0 2008.08.17 -
Prevx1 V2 2008.08.18 -
Rising 20.58.02.00 2008.08.18 -
Sophos 4.32.0 2008.08.18 -
Sunbelt 3.1.1546.1 2008.08.15 -
Symantec 10 2008.08.18 -
TheHacker 6.3.0.5.053 2008.08.18 -
TrendMicro 8.700.0.1004 2008.08.18 -
VBA32 3.12.8.3 2008.08.18 -
ViRobot 2008.8.18.1339 2008.08.18 -
VirusBuster 4.5.11.0 2008.08.17 -
Webwasher-Gateway 6.6.2 2008.08.18 -
weitere Informationen
File size: 57400 bytes
MD5...: 00ae40f0ddfdd769934563902652d97a
SHA1..: fc158498180d6ec40d607239037e1ee904846ad0
SHA256: a14f5b7b9eaaee49c1d66431f7cac111f86549ba201a0fbaf3d590a7f2e7127a
SHA512: f761892979f8cf534b460dc701dcf746e975a5861a18c0182015af976d59f394
8820d39dde58dd10d3b9674288379b5c942b47bda878a0fc935ad03f8d457a13
PEiD..: Armadillo v1.71
PEInfo: PE Structure information
( base data )
entrypointaddress.: 0x404678
timedatestamp.....: 0x446b7221 (Wed May 17 18:57:37 2006)
machinetype.......: 0x14c (I386)
( 4 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x396a 0x4000 5.85 86a028a8fb2358afcd7611245f3235ad
.rdata 0x5000 0x2050 0x3000 4.40 951d1f09f927ef72c1cae305b3842feb
.data 0x8000 0x84c 0x1000 1.85 e110c18322ba0389851d01a8836e0f76
.rsrc 0x9000 0x4228 0x5000 3.02 0fae66ea913674a43acabdbc2628ca34
( 6 imports )
> KERNEL32.dll: FreeLibrary, SizeofResource, LoadResource, FindResourceA, LoadLibraryExA, lstrcpynA, WideCharToMultiByte, InitializeCriticalSection, LoadLibraryA, lstrcpyA, lstrcatA, GetCurrentThread, GetShortPathNameA, MultiByteToWideChar, lstrlenW, GetVersion, LocalFree, ReadFile, GetCurrentProcess, OpenProcess, CreateJobObjectA, DuplicateHandle, CreateFileMappingA, CreateWaitableTimerA, CreateSemaphoreA, CreateMutexA, WriteFile, FlushFileBuffers, DisconnectNamedPipe, SetLastError, CreateNamedPipeA, ConnectNamedPipe, CloseHandle, InterlockedDecrement, GetModuleFileNameA, GetModuleHandleA, GetProcAddress, lstrlenA, GetCommandLineA, lstrcmpiA, GetLastError, GetCurrentThreadId, CreateEventA, CreateThread, SetEvent, WaitForSingleObject, TerminateThread, IsDBCSLeadByte, GetStartupInfoA
> USER32.dll: LoadStringA, MessageBoxA, GetMessageA, DispatchMessageA, PostThreadMessageA, CharNextA
> ADVAPI32.dll: ControlService, RegQueryInfoKeyA, RegEnumKeyExA, RegCreateKeyExA, RegDeleteKeyA, RegOpenKeyExA, OpenProcessToken, LookupPrivilegeValueA, PrivilegeCheck, ConvertStringSecurityDescriptorToSecurityDescriptorA, MakeAbsoluteSD, InitializeSecurityDescriptor, SetSecurityDescriptorDacl, StartServiceCtrlDispatcherA, DeleteService, CreateServiceA, RegDeleteValueA, RegSetValueExA, RegCloseKey, RegQueryValueExA, SetServiceStatus, RegisterServiceCtrlHandlerA, RegisterEventSourceA, ReportEventA, DeregisterEventSource, OpenSCManagerA, OpenServiceA, CloseServiceHandle, CopySid, GetLengthSid, SetSecurityDescriptorOwner, SetSecurityDescriptorGroup, OpenThreadToken, GetTokenInformation, RegEnumValueA
> ole32.dll: CoInitialize, CoInitializeSecurity, CoUninitialize, CoTaskMemFree, CoTaskMemRealloc, CoRegisterClassObject, CoRevokeClassObject, CoCreateInstance, CoTaskMemAlloc
> OLEAUT32.dll: -, -, -, -, -
> MSVCRT.dll: _onexit, __dllonexit, _controlfp, __set_app_type, __p__fmode, __p__commode, _adjust_fdiv, __setusermatherr, _initterm, __getmainargs, _acmdln, exit, _XcptFilter, _exit, _terminate@@YAXXZ, _except_handler3, memcmp, __2@YAPAXI@Z, realloc, malloc, free, puts, vsprintf, __CxxFrameHandler, memcpy, memset, _strnicmp, strlen, strrchr, strncmp
( 0 exports )

C:\Lon\LonWorks\bin\LdvxBroker.exe Code:
Datei LdvxBroker.exe empfangen 2008.08.18 13:04:38 (CET)
Status: Beendet
Ergebnis: 0/36 (0%)
Antivirus Version letzte aktualisierung Ergebnis
AhnLab-V3 2008.8.15.0 2008.08.18 -
AntiVir 7.8.1.19 2008.08.18 -
Authentium 5.1.0.4 2008.08.18 -
Avast 4.8.1195.0 2008.08.17 -
AVG 8.0.0.161 2008.08.18 -
BitDefender 7.2 2008.08.18 -
CAT-QuickHeal 9.50 2008.08.16 -
ClamAV 0.93.1 2008.08.18 -
DrWeb 4.44.0.09170 2008.08.18 -
eSafe 7.0.17.0 2008.08.17 -
eTrust-Vet 31.6.6035 2008.08.15 -
Ewido 4.0 2008.08.18 -
F-Prot 4.4.4.56 2008.08.18 -
F-Secure 7.60.13501.0 2008.08.18 -
Fortinet 3.14.0.0 2008.08.18 -
GData 2.0.7306.1023 2008.08.18 -
Ikarus T3.1.1.34.0 2008.08.18 -
K7AntiVirus 7.10.417 2008.08.18 -
Kaspersky 7.0.0.125 2008.08.18 -
McAfee 5362 2008.08.15 -
Microsoft 1.3807 2008.08.18 -
NOD32v2 3364 2008.08.18 -
Norman 5.80.02 2008.08.15 -
Panda 9.0.0.4 2008.08.17 -
PCTools 4.4.2.0 2008.08.17 -
Prevx1 V2 2008.08.18 -
Rising 20.58.02.00 2008.08.18 -
Sophos 4.32.0 2008.08.18 -
Sunbelt 3.1.1546.1 2008.08.15 -
Symantec 10 2008.08.18 -
TheHacker 6.3.0.5.053 2008.08.18 -
TrendMicro 8.700.0.1004 2008.08.18 -
VBA32 3.12.8.3 2008.08.18 -
ViRobot 2008.8.18.1339 2008.08.18 -
VirusBuster 4.5.11.0 2008.08.17 -
Webwasher-Gateway 6.6.2 2008.08.18 -
weitere Informationen
File size: 61498 bytes
MD5...: c57bd3ab5d64fd45a159a1f83bd7df43
SHA1..: 66a65f010b2af36c5b79c5aa9a260fa023e074cb
SHA256: befe85ffa88717ec3596dffb84928e7ccb85ff1ca3158f508f0b14c563536d97
SHA512: eb13d095d157960c4c33aaaf51a882bca42f962c8ee3b2775ce9180682139385
b96d6aa171b57e9f87467c5d254e5529f0e5449c49d614635545b4c7886ac3a2
PEiD..: Armadillo v1.71
PEInfo: PE Structure information
( base data )
entrypointaddress.: 0x40537e
timedatestamp.....: 0x446b7366 (Wed May 17 19:03:02 2006)
machinetype.......: 0x14c (I386)
( 4 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x47c7 0x5000 5.98 50bb8a3f2de505ea6c8d33286d905708
.rdata 0x6000 0x2b02 0x3000 5.30 f1d2b46d3cb6a0bf13f71ea8f9b0a48f
.data 0x9000 0xe5c 0x1000 3.90 b36dab220161a2507eec5d8baa532a0e
.rsrc 0xa000 0x4480 0x5000 3.17 c7912581c5c86fe1825f4e8d7b05c015
( 9 imports )
> LnsMtsShim.dll: CreateMutexA
> LdvxManager.dll: __0xManager@@QAE@_N@Z, __1xManager@@QAE@XZ
> LdvxLog.dll: _Open@xLog@@QAEXPBD@Z, _CreateSubKey@xRegistry@@QAEJPBDPAK@Z, _SetField@xRegistry@@QBEJPBDHK@Z, _DeleteField@xRegistry@@QBEJPBD@Z, _SetField@xRegistry@@QBEJPBD0@Z, _TraceEventV@xLog@@QBEXGJPAD@Z, _LogEventV@xLog@@QBEXGJPAD@Z, _GetDefaultLog@xLog@@SAPAV1@XZ, __1xRegistry@@QAE@XZ, _GetField@xRegistry@@QBEJPBDAA_N@Z, __0xRegistry@@QAE@PAUHKEY__@@PBD@Z, _LdvxTrace2@xLog@@QBAXGW4LdvxType@@PBDZZ, _c_sLonWorksPath@@3V_$basic_string@DU_$char_traits@D@std@@V_$allocator@D@_STL@@@_STL@@B, _GetField@xRegistry@@QBEJPBDAAH@Z, _c_szxDriverKey@@3QBDB, _OpenSubKey@xRegistry@@QAEJPBDPAUHKEY__@@@Z, _SetTraceLevel@xLog@@QAEXE@Z, _SetTraceTypes@xLog@@QAEXW4LdvxTraceTypes@@@Z, _SetTraceCategories@xLog@@QAEXW4LdvxTraceCategories@@@Z, _SetTraceOptions@xLog@@QAEXW4LdvxTraceOptions@@@Z, _Close@xLog@@QAEXXZ, _FieldExists@xRegistry@@QBE_NPBD@Z, __BxRegistry@@QBEPAUHKEY__@@XZ
> USER32.dll: SendMessageA, ShowWindow, GetMessageA, IsWindow, IsDialogMessageA, DispatchMessageA, DestroyWindow, PostThreadMessageA, CharNextA, MessageBoxA, CreateDialogParamA, SetDlgItemTextA, GetWindowRect, UpdateWindow, LoadIconA, LoadStringA, GetDlgItem, EnableWindow, MoveWindow, SetWindowLongA
> ole32.dll: CoUninitialize, CoInitializeSecurity, CoInitializeEx, CoInitialize, CoTaskMemFree, CoTaskMemAlloc, CoTaskMemRealloc, CoRegisterClassObject, CoRevokeClassObject, CoCreateInstance
> OLEAUT32.dll: -, -, -, -, -
> KERNEL32.dll: WideCharToMultiByte, FlushInstructionCache, GetCurrentThread, EnterCriticalSection, LeaveCriticalSection, lstrcatA, lstrcpyA, LoadLibraryA, DeleteCriticalSection, HeapDestroy, InitializeCriticalSection, IsDBCSLeadByte, lstrcpynA, LoadLibraryExA, FindResourceA, LoadResource, SizeofResource, FreeLibrary, GetStartupInfoA, GetShortPathNameA, lstrlenW, GetModuleFileNameA, GetModuleHandleA, GetProcAddress, lstrlenA, MultiByteToWideChar, lstrcmpiA, GetCommandLineA, GetCurrentProcessId, OpenProcess, GetLastError, CloseHandle, GetCurrentThreadId, GetCurrentProcess, SetProcessWorkingSetSize, InterlockedDecrement
> ADVAPI32.dll: RegOpenKeyExA, GetTokenInformation, OpenThreadToken, OpenProcessToken, SetSecurityDescriptorGroup, SetSecurityDescriptorOwner, GetLengthSid, CopySid, InitializeSecurityDescriptor, SetSecurityDescriptorDacl, RegEnumValueA, RegQueryInfoKeyA, RegSetValueExA, RegEnumKeyExA, CloseServiceHandle, RegCloseKey, RegDeleteValueA, RegCreateKeyExA, RegDeleteKeyA, StartServiceCtrlDispatcherA, ControlService, DeleteService, CreateServiceA, GetUserNameA, SetSecurityInfo, SetServiceStatus, RegisterServiceCtrlHandlerA, OpenSCManagerA, OpenServiceA
> MSVCRT.dll: memmove, _onexit, __dllonexit, _controlfp, __set_app_type, __p__fmode, __p__commode, _adjust_fdiv, __setusermatherr, _initterm, __getmainargs, _acmdln, exit, _XcptFilter, _exit, __1type_info@@UAE@XZ, _terminate@@YAXXZ, _except_handler3, _itoa, strlen, __1exception@@UAE@XZ, __0exception@@QAE@XZ, strncpy, __0exception@@QAE@ABV0@@Z, _CxxThrowException, memcmp, memset, realloc, malloc, free, memcpy, __CxxFrameHandler, __2@YAPAXI@Z, _ultoa
( 0 exports )

C:\install.dat Code:
Datei install.dat empfangen 2008.08.18 13:06:24 (CET)
Status: Beendet
Ergebnis: 0/36 (0%)
Antivirus Version letzte aktualisierung Ergebnis
AhnLab-V3 2008.8.15.0 2008.08.18 -
AntiVir 7.8.1.19 2008.08.18 -
Authentium 5.1.0.4 2008.08.18 -
Avast 4.8.1195.0 2008.08.17 -
AVG 8.0.0.161 2008.08.18 -
BitDefender 7.2 2008.08.18 -
CAT-QuickHeal 9.50 2008.08.16 -
ClamAV 0.93.1 2008.08.18 -
DrWeb 4.44.0.09170 2008.08.18 -
eSafe 7.0.17.0 2008.08.17 -
eTrust-Vet 31.6.6035 2008.08.15 -
Ewido 4.0 2008.08.18 -
F-Prot 4.4.4.56 2008.08.18 -
F-Secure 7.60.13501.0 2008.08.18 -
Fortinet 3.14.0.0 2008.08.18 -
GData 2.0.7306.1023 2008.08.18 -
Ikarus T3.1.1.34.0 2008.08.18 -
K7AntiVirus 7.10.417 2008.08.18 -
Kaspersky 7.0.0.125 2008.08.18 -
McAfee 5362 2008.08.15 -
Microsoft 1.3807 2008.08.18 -
NOD32v2 3364 2008.08.18 -
Norman 5.80.02 2008.08.15 -
Panda 9.0.0.4 2008.08.17 -
PCTools 4.4.2.0 2008.08.17 -
Prevx1 V2 2008.08.18 -
Rising 20.58.02.00 2008.08.18 -
Sophos 4.32.0 2008.08.18 -
Sunbelt 3.1.1546.1 2008.08.15 -
Symantec 10 2008.08.18 -
TheHacker 6.3.0.5.053 2008.08.18 -
TrendMicro 8.700.0.1004 2008.08.18 -
VBA32 3.12.8.3 2008.08.18 -
ViRobot 2008.8.18.1339 2008.08.18 -
VirusBuster 4.5.11.0 2008.08.17 -
Webwasher-Gateway 6.6.2 2008.08.18 -
weitere Informationen
File size: 164 bytes
MD5...: 221459272704441f4bebf6f4fb8c83bc
SHA1..: dcbb8382b541978935b3e5cbd85ce344ba0f5cd1
SHA256: 74ca6f8e4574c7eb657736350963307edda2236d8b8b42644a2e0901efa44fc8
SHA512: 0d6559ddf464f90f0d4d0b1023e9a1c1b6fd231bb3fd675bd4e2a9b881a7edf7
2c0203833eecef436bac3e9a7d2006eaeb19e6fe12260dfbb5a6671f836247b4
PEiD..: -
PEInfo: -

C:\WINDOWS\UNINST16.EXE Code:
Datei UNINST16.EXE empfangen 2008.08.18 13:15:09 (CET)
Status: Beendet
Ergebnis: 0/36 (0%)
Antivirus Version letzte aktualisierung Ergebnis
AhnLab-V3 2008.8.15.0 2008.08.18 -
AntiVir 7.8.1.19 2008.08.18 -
Authentium 5.1.0.4 2008.08.18 -
Avast 4.8.1195.0 2008.08.17 -
AVG 8.0.0.161 2008.08.18 -
BitDefender 7.2 2008.08.18 -
CAT-QuickHeal 9.50 2008.08.16 -
ClamAV 0.93.1 2008.08.18 -
DrWeb 4.44.0.09170 2008.08.18 -
eSafe 7.0.17.0 2008.08.17 -
eTrust-Vet 31.6.6035 2008.08.15 -
Ewido 4.0 2008.08.18 -
F-Prot 4.4.4.56 2008.08.18 -
F-Secure 7.60.13501.0 2008.08.18 -
Fortinet 3.14.0.0 2008.08.18 -
GData 2.0.7306.1023 2008.08.18 -
Ikarus T3.1.1.34.0 2008.08.18 -
K7AntiVirus 7.10.417 2008.08.18 -
Kaspersky 7.0.0.125 2008.08.18 -
McAfee 5362 2008.08.15 -
Microsoft 1.3807 2008.08.18 -
NOD32v2 3364 2008.08.18 -
Norman 5.80.02 2008.08.15 -
Panda 9.0.0.4 2008.08.17 -
PCTools 4.4.2.0 2008.08.17 -
Prevx1 V2 2008.08.18 -
Rising 20.58.02.00 2008.08.18 -
Sophos 4.32.0 2008.08.18 -
Sunbelt 3.1.1546.1 2008.08.15 -
Symantec 10 2008.08.18 -
TheHacker 6.3.0.5.053 2008.08.18 -
TrendMicro 8.700.0.1004 2008.08.18 -
VBA32 3.12.8.3 2008.08.18 -
ViRobot 2008.8.18.1339 2008.08.18 -
VirusBuster 4.5.11.0 2008.08.17 -
Webwasher-Gateway 6.6.2 2008.08.18 -
weitere Informationen
File size: 247648 bytes
MD5...: e54fc2077196ba40d53742d2446c6a03
SHA1..: a7608956cd9d0713f8a33618656582cbd2e8ea85
SHA256: 250f18a7113e5eb745721cdb0de7196756b019b64674b830af6bdc368dc55f89
SHA512: ac156d55e7366f34a83625842b8a88bf8cbb1c3f1b05dd2d69b02bbb7f251555
4f4983111aa3bdc0d2bcece61cd1d190e677eeb061645e3c1c093377fd0ed0ab
PEiD..: -
PEInfo: -

C:\WINDOWS\system32\lhtjkiyb.exe Code:
Datei lhtjkiyb.exe empfangen 2008.08.18 13:19:32 (CET)
Status: Beendet
Ergebnis: 9/36 (25%)
Antivirus Version letzte aktualisierung Ergebnis
AhnLab-V3 2008.8.15.0 2008.08.18 -
AntiVir 7.8.1.19 2008.08.18 -
Authentium 5.1.0.4 2008.08.18 -
Avast 4.8.1195.0 2008.08.17 -
AVG 8.0.0.161 2008.08.18 -
BitDefender 7.2 2008.08.18 MemScan:Trojan.FakeAlert.UM
CAT-QuickHeal 9.50 2008.08.16 (Suspicious) - DNAScan
ClamAV 0.93.1 2008.08.18 -
DrWeb 4.44.0.09170 2008.08.18 -
eSafe 7.0.17.0 2008.08.17 Suspicious File
eTrust-Vet 31.6.6035 2008.08.15 -
Ewido 4.0 2008.08.18 -
F-Prot 4.4.4.56 2008.08.18 -
F-Secure 7.60.13501.0 2008.08.18 -
Fortinet 3.14.0.0 2008.08.18 -
GData 2.0.7306.1023 2008.08.18 -
Ikarus T3.1.1.34.0 2008.08.18 Trojan-Downloader.Win32.Renos.AQ
K7AntiVirus 7.10.417 2008.08.18 -
Kaspersky 7.0.0.125 2008.08.18 -
McAfee 5362 2008.08.15 -
Microsoft 1.3807 2008.08.18 TrojanDownloader:Win32/Renos.gen!AS
NOD32v2 3364 2008.08.18 a variant of Win32/TrojanDownloader.FakeAlert.GG
Norman 5.80.02 2008.08.15 Smalltroj.gen22
Panda 9.0.0.4 2008.08.17 -
PCTools 4.4.2.0 2008.08.17 -
Prevx1 V2 2008.08.18 Malicious Software
Rising 20.58.02.00 2008.08.18 -
Sophos 4.32.0 2008.08.18 Mal/EncPk-CZ
Sunbelt 3.1.1546.1 2008.08.15 -
Symantec 10 2008.08.18 -
TheHacker 6.3.0.5.053 2008.08.18 -
TrendMicro 8.700.0.1004 2008.08.18 -
VBA32 3.12.8.3 2008.08.18 -
ViRobot 2008.8.18.1339 2008.08.18 -
VirusBuster 4.5.11.0 2008.08.17 -
Webwasher-Gateway 6.6.2 2008.08.18 -
weitere Informationen
File size: 130048 bytes
MD5...: 588cbbcbd6852f8ab9be55a23f7a82e4
SHA1..: a2a8271f08bea75975ac2e91524ede31af3db705
SHA256: 3780edce32ace015f7e7792d1548a515ad4d5af31cea22fb707beef461ca8c81
SHA512: a00b7d00d74bb61a5b24c7e511936a7fb0c99484b3d2f239af5ff9c21006cb64
94616acd217bb23fa384497536353472e3ee90d78892994dc148ca12c9a60651
PEiD..: -
PEInfo: PE Structure information
( base data )
entrypointaddress.: 0x403521
timedatestamp.....: 0x48a1df24 (Tue Aug 12 19:06:12 2008)
machinetype.......: 0x14c (I386)
( 3 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x338a0 0x2600 6.43 6a159282c9d445e6b3ebfb802b668218
.rdata 0x35000 0x1b7ac 0x1ac00 8.00 548d2168bf8b64f3a5976672c136329a
.rsrc 0x51000 0x1000 0x600 7.30 f4fec41480babaab2533552314c5d691
( 0 imports )
( 0 exports )
Prevx info: http://info.prevx.com/aboutprogramtext.asp?PX5=DBF8033000DBC430FC8901D54930FE00F0FEA9AE