I had it scanned; a message came up saying that the file had already been analysed, and after I clicked analyse again, a very long report came out... should I post it?
Here is the filter copy:
File pr2ajbeb.exe received 2008.10.21 15:56:57 (CET)
Antivirus Version Last update Result
AhnLab-V3 2008.10.18.0 2008.10.21 -
AntiVir 7.9.0.5 2008.10.21 -
Authentium 5.1.0.4 2008.10.21 -
Avast 4.8.1248.0 2008.10.15 -
AVG 8.0.0.161 2008.10.21 -
BitDefender 7.2 2008.10.21 -
CAT-QuickHeal 9.50 2008.10.21 -
ClamAV 0.93.1 2008.10.21 -
DrWeb 4.44.0.09170 2008.10.21 -
eSafe 7.0.17.0 2008.10.19 -
eTrust-Vet 31.6.6161 2008.10.21 -
Ewido 4.0 2008.10.21 -
F-Prot 4.4.4.56 2008.10.21 -
F-Secure 8.0.14332.0 2008.10.21 -
Fortinet 3.113.0.0 2008.10.21 -
GData 19 2008.10.21 -
Ikarus T3.1.1.44.0 2008.10.21 -
K7AntiVirus 7.10.500 2008.10.20 -
Kaspersky 7.0.0.125 2008.10.21 -
McAfee 5409 2008.10.21 -
Microsoft 1.4005 2008.10.21 -
NOD32 3541 2008.10.21 -
Norman 5.80.02 2008.10.20 -
Panda 9.0.0.4 2008.10.21 -
PCTools 4.4.2.0 2008.10.21 -
Prevx1 V2 2008.10.21 -
Rising 20.67.12.00 2008.10.21 -
SecureWeb-Gateway 6.7.6 2008.10.21 -
Sophos 4.34.0 2008.10.21 -
Sunbelt 3.1.1741.1 2008.10.21 -
Symantec 10 2008.10.21 -
TheHacker 6.3.1.0.121 2008.10.21 -
TrendMicro 8.700.0.1004 2008.10.21 -
ViRobot 2008.10.21.1430 2008.10.21 -
VirusBuster 4.5.11.0 2008.10.20 -
Additional information
File size: 411000 bytes
MD5...: ed83a07fcc79f8a96845486cc93b342a
SHA1..: 22de4e0f183d13258115c630b26cf28e9dd55430
SHA256: a18975cc8a61243510a11836429108e5481e57b665e248e2eb19f345cedd5507
SHA512: 09a67085f4d7284a5526ce12cbfc891306d1f402fb6af0075d64efa0b2527f9374db886397b318cbe919a2edd0f74c09dfe59eb6c343f2733de1b956c7f228fa
PEiD..: -
TrID..: File type identification
Win32 EXE PECompact compressed (generic) (41.8%)
Win32 Executable MS Visual C++ (generic) (37.9%)
Win32 Executable Generic (8.5%)
Win32 Dynamic Link Library (generic) (7.6%)
Generic Win/DOS Executable (2.0%)
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x41af05
timedatestamp.....: 0x46cc64e2 (Wed Aug 22 16:31:30 2007)
machinetype.......: 0x14c (I386)

( 4 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x3e6bc 0x3f000 6.60 bef2273b5553e3fa395d569019a5445c
.rdata 0x40000 0x1bca0 0x1c000 4.90 f62f8139c5ab2e7076a033e529e6aaba
.data 0x5c000 0x7654 0x6000 4.57 5d44aba158273654fa58b745b49359ad
.rsrc 0x64000 0x6c8 0x1000 2.15 c470009ecf2914a97ad202b0bfa248a5

( 4 imports )
> USER32.dll: MessageBoxA, MessageBoxW
> KERNEL32.dll: FormatMessageA, CloseHandle, FreeLibrary, SystemTimeToFileTime, GetSystemTime, GetCurrentProcess, LoadLibraryW, LocalFree, SetLastError, GetFullPathNameW, QueryDosDeviceW, GetVersionExA, GetVersionExW, LoadLibraryA, CreateFileA, CreateFileW, GetModuleFileNameA, CreateFileMappingA, CreateFileMappingW, CreateMutexA, CreateMutexW, GetSystemDirectoryA, GetSystemDirectoryW, GetWindowsDirectoryA, GetWindowsDirectoryW, GetDriveTypeW, FindFirstFileA, FindFirstFileW, GetEnvironmentVariableW, GetModuleHandleW, WriteConsoleA, CreateProcessA, CreateProcessW, GetFileAttributesA, GetFileAttributesW, SetFileAttributesA, SetFileAttributesW, DeleteFileA, DeleteFileW, WideCharToMultiByte, LocalAlloc, FormatMessageW, AreFileApisANSI, GetOEMCP, GetACP, FindClose, GetFileSize, ReadFile, WriteFile, SetFileTime, MapViewOfFile, UnmapViewOfFile, DeviceIoControl, SleepEx, WaitForMultipleObjectsEx, ReleaseMutex, GetExitCodeProcess, WaitForSingleObject, HeapFree, HeapAlloc, RtlUnwind, HeapReAlloc, RaiseException, GetProcessHeap, GetStartupInfoA, HeapDestroy, HeapCreate, ExitProcess, TlsGetValue, TlsAlloc, TlsSetValue, TlsFree, GetCurrentThreadId, TerminateProcess, UnhandledExceptionFilter, SetUnhandledExceptionFilter, IsDebuggerPresent, FreeEnvironmentStringsA, GetEnvironmentStrings, FreeEnvironmentStringsW, GetEnvironmentStringsW, SetHandleCount, GetFileType, QueryPerformanceCounter, GetCurrentProcessId, GetSystemTimeAsFileTime, LCMapStringA, GetConsoleCP, GetConsoleMode, FlushFileBuffers, Sleep, HeapSize, GetStringTypeA, GetStringTypeW, GetLocaleInfoA, GetConsoleOutputCP, SetFilePointer, SetStdHandle, SetEndOfFile, GetCPInfo, GetTickCount, LeaveCriticalSection, EnterCriticalSection, DeleteCriticalSection, InitializeCriticalSection, GetEnvironmentVariableA, GetStdHandle, WriteConsoleW, VirtualFree, VirtualAlloc, InterlockedDecrement, InterlockedIncrement, LCMapStringW, MultiByteToWideChar, GetModuleHandleA, GetProcAddress, GetLastError, GetCommandLineA
> ADVAPI32.dll: RegCloseKey, ControlService, DeleteService, CloseServiceHandle, SetSecurityDescriptorDacl, InitializeSecurityDescriptor, RegQueryValueExW, RegQueryValueExA, RegSetValueExW, RegSetValueExA, RegEnumKeyExW, RegDeleteKeyW, RegOpenKeyExW, RegOpenKeyExA, RegCreateKeyExW, RegisterServiceCtrlHandlerW, StartServiceCtrlDispatcherW, StartServiceW, ChangeServiceConfigW, QueryServiceConfigW, CreateServiceW, OpenServiceW, OpenSCManagerW, SetServiceStatus, RegDeleteValueW
> VERSION.dll: GetFileVersionInfoSizeW, VerQueryValueA, GetFileVersionInfoW

( 0 exports )
Oh dear... who is supposed to make sense of something like this?