Hi Blind Dragon,
thanks as always!
Here are my VirusTotal results:
Antivirus          Version       Last Update  Result
AhnLab-V3          2008.4.15.1   2008.04.15   -
AntiVir            7.6.0.85      2008.04.15   -
Authentium         4.93.8        2008.04.14   -
Avast              4.8.1169.0    2008.04.15   -
AVG                7.5.0.516     2008.04.15   -
BitDefender        7.2           2008.04.15   -
CAT-QuickHeal      9.50          2008.04.14   -
ClamAV             0.92.1        2008.04.15   -
DrWeb              4.44.0.09170  2008.04.15   -
eSafe              7.0.15.0      2008.04.09   -
eTrust-Vet         31.3.5700     2008.04.15   -
Ewido              4.0           2008.04.15   -
F-Prot             4.4.2.54      2008.04.15   -
F-Secure           6.70.13260.0  2008.04.15   -
FileAdvisor        1             2008.04.15   -
Fortinet           3.14.0.0      2008.04.15   -
Ikarus             T3.1.1.26     2008.04.15   -
Kaspersky          7.0.0.125     2008.04.15   -
McAfee             5273          2008.04.14   -
NOD32v2            3028          2008.04.15   -
Norman             5.80.02       2008.04.15   -
Panda              9.0.0.4       2008.04.14   -
Prevx1             V2            2008.04.15   -
Rising             20.40.11.00   2008.04.15   -
Sophos             4.28.0        2008.04.15   -
Sunbelt            3.0.1041.0    2008.04.12   -
Symantec           10            2008.04.15   -
TheHacker          6.2.92.278    2008.04.15   -
VBA32              3.12.6.4      2008.04.14   -
VirusBuster        4.3.26:9      2008.04.15   -
Webwasher-Gateway  6.6.2         2008.04.15   -
Additional information
File size: 74752 bytes
MD5...: 5feeb2a45ef421006c978d0e02aeff06
SHA1..: 75d908af7c525bc93ae76ac87ab4137fc45b7536
SHA256: 98fcc34aa501eb312ef2f184babbc0f93187029aebf34bfae78609015592ebac
SHA512: 41053a7bcd5743c843d2e35e6de61a67db4e768078d727a407b019ded2736b5f
fd3be09a2cf7f8986e613ca5c821b6284489e5b8e5dbbc1d79335f9deeb54f53
PEiD..: -
PEInfo: PE Structure information
( base data )
entrypointaddress.: 0x401c55
timedatestamp.....: 0x46eb56e8 (Sat Sep 15 03:52:08 2007)
machinetype.......: 0x14c (I386)
( 4 sections )
name    viradd  virsiz  rawdsiz  ntrpy  md5
.text   0x1000  0xff2   0x1000   5.85   23b8725da11ab2d486f635b073a38860
.rdata  0x2000  0xd4c   0xe00    5.09   76e6a73f588cfca8e0f5378de04e0eb4
.data   0x3000  0x3b9   0x200    2.67   e368e4779ecb280c4a571b84736c1538
.rsrc   0x4000  0xfe60  0x10000  5.29   fb7eec872cf3ddd8b6162d865af0df15
( 6 imports )
> MFC42.DLL: -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -
> MSVCRT.dll: _setmbcp, memset, __CxxFrameHandler, strrchr, memcpy
> KERNEL32.dll: HeapFree, HeapAlloc, SetProcessWorkingSetSize, FreeLibrary, DeleteFileA, GetSystemDefaultLangID, LoadLibraryExA, GetProcAddress, GetShortPathNameA, GetEnvironmentVariableA, lstrcpyA, GetCurrentProcess, SetPriorityClass, GetCurrentThread, SetThreadPriority, SetProcessPriorityBoost, MoveFileExA, ReleaseMutex, CreateMutexA, GetLastError, CloseHandle, FindResourceA, SizeofResource, LoadResource, LockResource, GetModuleFileNameA, lstrcatA, CreateFileA, CreateFileMappingA, MapViewOfFile, UnmapViewOfFile, ExitProcess, GetModuleHandleA, GetStartupInfoA, GetCommandLineA, GetProcessHeap
> USER32.dll: IsIconic, SetForegroundWindow, RegisterWindowMessageA, GetCursorPos, GetSubMenu, SendMessageA, MessageBoxA, GetDesktopWindow, LoadMenuA, EnableWindow, GetSystemMetrics, GetClientRect, DrawIcon, LoadImageA, KillTimer, SetTimer, ModifyMenuA
> SHELL32.dll: Shell_NotifyIconA, ShellExecuteExA, SHChangeNotify
> SHLWAPI.dll: PathRemoveFileSpecA
( 0 exports )
Attached also are
1. Combofix Log
2. Kaspersky
3. Hijack log
~cheers!