| Davido1991 | 13.08.2008 14:58 |
datei ein virus?
hi leute, hab mir angeblich nero geladen war aber nur 10 mb groß und ich habs natürlich geöffnet, so doof wie ich bin -.-" habs mal bei virus total hochgeladen, zeigt nichts an kann ich aber irgendwie nicht glauben deswegen hier einmal virustotal der datei und hijackthis logfile..
hoffe auf eure hilfe (p.s. hab pc vor kurzem neu gemacht deswegen isser so leer) Virustotal: Code:
File Nero_8_3_6_0_Ultra_Edition_HD_Deu received on 08.13.2008 15:19:06 (CET)
Current status: Loading ... queued waiting scanning finished NOT FOUND STOPPED
Result: 0/36 (0%)
Loading server information...
Your file is queued in position: ___.
Estimated start time is between ___ and ___ .
Do not close the window until scan is complete.
The scanner that was processing your file is stopped at this moment, we are going to wait a few seconds to try to recover your result.
If you are waiting for more than five minutes you have to resend your file.
Your file is being scanned by VirusTotal in this moment,
results will be shown as they're generated.
Compact Compact
Print results Print results
Your file has expired or does not exists.
Service is stopped in this moments, your file is waiting to be scanned (position: ) for an undefined time.
You can wait for web response (automatic reload) or type your email in the form below and click "request" so the system sends you a notification when the scan is finished.
Email:
Antivirus Version Last Update Result
AhnLab-V3 2008.8.13.0 2008.08.13 -
AntiVir 7.8.1.19 2008.08.13 -
Authentium 5.1.0.4 2008.08.13 -
Avast 4.8.1195.0 2008.08.12 -
AVG 8.0.0.161 2008.08.13 -
BitDefender 7.2 2008.08.13 -
CAT-QuickHeal 9.50 2008.08.12 -
ClamAV 0.93.1 2008.08.13 -
DrWeb 4.44.0.09170 2008.08.13 -
eSafe 7.0.17.0 2008.08.12 -
eTrust-Vet 31.6.6030 2008.08.13 -
Ewido 4.0 2008.08.13 -
F-Prot 4.4.4.56 2008.08.13 -
F-Secure 7.60.13501.0 2008.08.13 -
Fortinet 3.14.0.0 2008.08.13 -
GData 2.0.7306.1023 2008.08.13 -
Ikarus T3.1.1.34.0 2008.08.13 -
K7AntiVirus 7.10.412 2008.08.12 -
Kaspersky 7.0.0.125 2008.08.13 -
McAfee 5359 2008.08.12 -
Microsoft 1.3807 2008.08.13 -
NOD32v2 3352 2008.08.13 -
Norman 5.80.02 2008.08.13 -
Panda 9.0.0.4 2008.08.13 -
PCTools 4.4.2.0 2008.08.13 -
Prevx1 V2 2008.08.13 -
Rising 20.57.22.00 2008.08.13 -
Sophos 4.32.0 2008.08.13 -
Sunbelt 3.1.1542.1 2008.08.13 -
Symantec 10 2008.08.13 -
TheHacker 6.3.0.3.046 2008.08.13 -
TrendMicro 8.700.0.1004 2008.08.13 -
VBA32 3.12.8.3 2008.08.13 -
ViRobot 2008.8.13.1335 2008.08.13 -
VirusBuster 4.5.11.0 2008.08.12 -
Webwasher-Gateway 6.6.2 2008.08.13 -
Additional information
File size: 10173301 bytes
MD5...: 7b25889e9eda600999080412bab2a48e
SHA1..: 1978f05b33db02b01f72bca3777a64155deb5894
SHA256: 8b94694e2c45d88751cc01d576da08cf452905302c50b53317e1eb94be568aeb
SHA512: e9ceeb894038dc20a25c7523443d79aad99610e2f68e97fc51c76df5f17e0a38
f3b2e3a9c83efab5185de0e78779e070b3aa9f5f860c94ef2d7dbed2c63fceb9
PEiD..: -
PEInfo: PE Structure information
( base data )
entrypointaddress.: 0x110013ec
timedatestamp.....: 0x4881bd2e (Sat Jul 19 10:08:46 2008)
machinetype.......: 0x14c (I386)
( 4 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x3308 0x4000 4.91 6a382ee56c758b19217a8491626a9fa9
.data 0x5000 0x504 0x1000 0.00 620f0b67a91f7f74151bc5be745b7110
text 0x6000 0x19 0x1000 0.08 b7b26ab7864f5c7cd3b5ef1f6a40d687
.rsrc 0x7000 0x1a10 0x2000 4.35 24233cb64a088013f7c9fc9fb0952785
( 1 imports )
> MSVBVM60.DLL: _CIcos, _adj_fptan, __vbaVarMove, __vbaAryMove, __vbaFreeVar, __vbaLenBstr, __vbaStrVarMove, __vbaFreeVarList, _adj_fdiv_m64, __vbaFreeObjList, -, _adj_fprem1, __vbaRecAnsiToUni, -, __vbaStrCat, __vbaSetSystemError, __vbaRecDestruct, __vbaHresultCheckObj, _adj_fdiv_m32, __vbaAryDestruct, __vbaExitProc, __vbaOnError, _adj_fdiv_m16i, _adj_fdivr_m16i, __vbaVarIndexLoad, _CIsin, __vbaErase, -, __vbaChkstk, -, __vbaFileClose, __vbaGenerateBoundsError, __vbaGet3, DllFunctionCall, _adj_fpatan, __vbaRedim, __vbaRecUniToAnsi, -, __vbaUI1I2, _CIsqrt, __vbaExceptHandler, -, __vbaStrToUnicode, -, _adj_fprem, _adj_fdivr_m64, -, -, __vbaFPException, __vbaInStrVar, __vbaStrVarVal, _CIlog, __vbaErrorOverflow, __vbaFileOpen, __vbaNew2, -, __vbaInStr, _adj_fdiv_m32i, _adj_fdivr_m32i, __vbaStrCopy, __vbaFreeStrList, _adj_fdivr_m32, __vbaPowerR8, _adj_fdiv_r, -, __vbaVarSetVar, __vbaI4Var, __vbaAryLock, __vbaVarAdd, __vbaStrToAnsi, __vbaVarDup, __vbaVarCopy, __vbaFpI4, __vbaVarLateMemCallLd, __vbaRecDestructAnsi, _CIatan, __vbaStrMove, _allmul, _CItan, __vbaAryUnlock, _CIexp, __vbaFreeStr
( 0 exports )
Hijackthis: Code:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:56:58, on 13.08.2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Programme\Alwil Software\Avast4\aswUpdSv.exe
C:\Programme\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Programme\Analog Devices\SoundMAX\SMAgent.exe
C:\Programme\Alwil Software\Avast4\ashMaiSv.exe
C:\Programme\Alwil Software\Avast4\ashWebSv.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Programme\Mozilla Firefox\firefox.exe
C:\Programme\Mozilla Firefox\firefox.exe
C:\Programme\ICQ6\ICQ.exe
C:\Programme\Trend Micro\HijackThis\HijackThis.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe (file missing)
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Programme\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Programme\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Programme\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Programme\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Programme\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: TuneUp Drive Defrag-Dienst (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
--
End of file - 3271 bytes
|
