File tcpip.sys received on 06.03.2008 05:27:20 (CET)
Antivirus Version Last Update Result
AhnLab-V3 2008.5.30.1 2008.06.02 -
AntiVir 7.8.0.26 2008.06.02 -
Authentium 5.1.0.4 2008.06.02 -
Avast 4.8.1195.0 2008.06.02 -
AVG 7.5.0.516 2008.06.02 -
BitDefender 7.2 2008.06.03 -
CAT-QuickHeal 9.50 2008.06.02 -
ClamAV 0.92.1 2008.06.02 -
DrWeb 4.44.0.09170 2008.06.02 -
eSafe 7.0.15.0 2008.06.02 -
eTrust-Vet 31.4.5844 2008.06.03 -
Ewido 4.0 2008.06.02 -
F-Prot 4.4.4.56 2008.06.02 -
F-Secure 6.70.13260.0 2008.06.03 -
Fortinet 3.14.0.0 2008.06.03 -
GData 2.0.7306.1023 2008.06.03 -
Ikarus T3.1.1.26.0 2008.06.03 -
Kaspersky 7.0.0.125 2008.06.03 -
McAfee 5308 2008.06.02 -
Microsoft 1.3604 2008.06.03 -
NOD32v2 3153 2008.06.03 -
Norman 5.80.02 2008.06.02 -
Panda 9.0.0.4 2008.06.02 -
Prevx1 V2 2008.06.03 -
Rising 20.47.02.00 2008.06.03 -
Sophos 4.29.0 2008.06.03 -
Sunbelt 3.0.1139.1 2008.05.29 -
Symantec 10 2008.06.03 -
TheHacker 6.2.92.332 2008.06.03 -
VBA32 3.12.6.6 2008.06.01 -
VirusBuster 4.3.26:9 2008.06.02 -
Webwasher-Gateway 6.6.2 2008.06.03 -
Additional information
File size: 360064 bytes
MD5...: 29a6d7d4d9f768c0ad9f55a7e3c3b2b0
SHA1..: beda03f2871ebc39d2595d2f4920f09dc6bdb3c6
SHA256: 7beadf0edf3f86ac71d21998e1d8678948221a6020718cbc97946fa378f5bea3
SHA512: 16c63dfa4235424a97aaa2c1f694de0080648ae7aeb34fd2e76c86e174cca54f<br>d962734804d258330c48cbd5ea17110a6b3d0b99a7f162ddefb54bb090d8db13
PEiD..: -
PEInfo: PE Structure information<br><br>( base data )<br>entrypointaddress.: 0x61516<br>timedatestamp.....: 0x472767f4 (Tue Oct 30 17:20:52 2007)<br>machinetype.......: 0x14c (I386)<br><br>( 10 sections )<br>name viradd virsiz rawdsiz ntrpy md5<br>.text 0x380 0x3ec36 0x3ec80 6.59 bf3727cc30fc9381405d704fc48cf298<br>.rdata 0x3f000 0x57c 0x580 4.44 8e59e52de3e5dbcbceb5a3ef5f649f6e<br>.data 0x3f580 0xa4a4 0xa500 0.06 b9a573e33adfdced8dd26084f4c34980<br>PAGE 0x49a80 0x1f2b 0x1f80 6.39 62835585c6d5d5460c7937ca9a24a666<br>PAGELK 0x4ba00 0x6f2 0x700 6.23 b006a6a497bb9c46495fbf448e59f7d0<br>PAGEIPMc 0x4c100 0x2781 0x2800 6.43 f388ecb2e9459286d1f285da46acd63e<br>.edata 0x4e900 0x341 0x380 5.22 8712af1a96dac3a5cc93d8600aeab255<br>INIT 0x4ec80 0x5836 0x5880 6.21 f4de2fbdd55c778ea9195ad028c3829e<br>.rsrc 0x54500 0x3f0 0x400 3.41 f7e220f2cc645366d35917b1d898d5a1<br>.reloc 0x54900 0x3554 0x3580 6.80 70106385f23ac6f4e01fd4b1e2558fad<br><br>( 4 imports ) <br>> HAL.dll: KfLowerIrql, KeRaiseIrqlToDpcLevel, KfReleaseSpinLock, KfAcquireSpinLock, KfRaiseIrql, KeGetCurrentIrql, KeQueryPerformanceCounter, ExAcquireFastMutex, ExReleaseFastMutex<br>> NDIS.SYS: NdisCloseAdapter, NdisCancelSendPackets, NdisFreePacket, NdisUnchainBufferAtFront, NdisCompletePnPEvent, NdisFreePacketPool, NdisRequest, NdisAllocatePacket, NdisFreeMemory, NdisQueryAdapterInstanceName, NdisGetDriverHandle, NdisOpenAdapter, NdisAllocatePacketPoolEx, NdisGetReceivedPacket, NdisRegisterProtocol, NdisAllocateBuffer, NdisSetPacketPoolProtocolId, NdisReturnPackets, NdisCopyBuffer, NdisAllocateBufferPool, NdisFreeBufferPool, NdisReEnumerateProtocolBindings, NdisCompleteBindAdapter<br>> ntoskrnl.exe: IoCreateDevice, _wcsicmp, wcscpy, wcsncpy, wcschr, ZwSetInformationThread, KeLeaveCriticalRegion, KeEnterCriticalRegion, KeQueryTimeIncrement, KeSetEvent, IoDeleteSymbolicLink, ExDeleteNPagedLookasideList, KeDelayExecutionThread, ZwOpenKey, KeSetTimerEx, KeInitializeTimer, KeInitializeDpc, ExInitializeNPagedLookasideList, MmLockPagableSectionByHandle, ZwQueryValueKey, ZwSetValueKey, InterlockedPopEntrySList, InterlockedPushEntrySList, ExIsProcessorFeaturePresent, RtlAddAccessAllowedAce, RtlCreateAcl, RtlLengthSid, SeExports, RtlMapGenericMask, IoGetFileObjectGenericMapping, ObReleaseObjectSecurity, SeSetSecurityDescriptorInfo, RtlLengthSecurityDescriptor, RtlSetDaclSecurityDescriptor, RtlCreateSecurityDescriptor, ObGetObjectSecurity, IofCallDriver, IoBuildDeviceIoControlRequest, IoGetDeviceObjectPointer, ObfDereferenceObject, RtlAddAce, RtlGetAce, IoCreateSymbolicLink, RtlInitializeSid, RtlLengthRequiredSid, ObSetSecurityObjectByPointer, RtlSelfRelativeToAbsoluteSD, RtlGetSaclSecurityDescriptor, RtlGetGroupSecurityDescriptor, RtlGetOwnerSecurityDescriptor, RtlGetDaclSecurityDescriptor, RtlVerifyVersionInfo, VerSetConditionMask, IoWMIRegistrationControl, IoGetCurrentProcess, KeInitializeTimerEx, RtlExtendedIntegerMultiply, KeQueryInterruptTime, _aulldiv, DbgBreakPoint, KeSetTargetProcessorDpc, RtlSetBit, SeUnlockSubjectContext, SeAccessCheck, SeLockSubjectContext, ObDereferenceSecurityDescriptor, PsGetCurrentProcessId, RtlWalkFrameChain, _aulldvrm, ExNotifyCallback, ExCreateCallback, ObReferenceObjectByHandle, MmUnlockPages, SeFreePrivileges, SeAppendPrivileges, ObLogSecurityDescriptor, SeAssignSecurity, IoFileObjectType, MmProbeAndLockPages, IoAllocateMdl, _except_handler3, ProbeForWrite, ObfReferenceObject, PsGetCurrentProcess, RtlPrefetchMemoryNonTemporal, KeInitializeMutex, MmIsThisAnNtAsSystem, KeWaitForSingleObject, KeReleaseMutex, KeReadStateEvent, IoDeleteDevice, ZwEnumerateValueKey, RtlUnicodeStringToInteger, RtlIpv4StringToAddressW, RtlTimeToTimeFields, ExLocalTimeToSystemTime, RtlExtendedMagicDivide, RtlAppendUnicodeToString, ZwClose, _allmul, MmQuerySystemSize, RtlCompareUnicodeString, RtlInitializeBitMap, RtlClearAllBits, RtlSetBits, wcslen, RtlAreBitsSet, RtlClearBits, RtlFindClearBitsAndSet, RtlFindClearRuns, DbgPrint, memmove, RtlCopyUnicodeString, RtlAppendUnicodeStringToString, ZwLoadDriver, KeResetEvent, IoAcquireCancelSpinLock, IoReleaseCancelSpinLock, IofCompleteRequest, ExfInterlockedAddUlong, MmMapLockedPagesSpecifyCache, IoFreeMdl, ExfInterlockedInsertTailList, RtlInitUnicodeString, MmMapLockedPages, KeNumberProcessors, RtlUnicodeStringToAnsiString, MmLockPagableDataSection, MmUnlockPagableImageSection, RtlCompareMemory, ExAllocatePoolWithTag, KeCancelTimer, KeClearEvent, RtlAnsiStringToUnicodeString, IoRaiseInformationalHardError, KeInitializeEvent, ExFreePoolWithTag, ExAllocatePoolWithTagPriority, KeInitializeSpinLock, _alldiv, KeQuerySystemTime, KefAcquireSpinLockAtDpcLevel, KefReleaseSpinLockFromDpcLevel, KeBugCheckEx, RtlSubAuthoritySid, KeTickCount, MmBuildMdlForNonPagedPool, ZwDeviceIoControlFile, ZwCreateFile<br>> TDI.SYS: CTESystemUpTime, CTEBlock, CTELogEvent, CTESignal, CTEBlockWithTracker, CTEStartTimer, CTEInitEvent, CTEScheduleDelayedEvent, CTEInitTimer, TdiProviderReady, CTEInitialize, TdiDeregisterNetAddress, TdiRegisterNetAddress, TdiDeregisterDeviceObject, TdiRegisterDeviceObject, TdiDeregisterProvider, TdiRegisterProvider, TdiPnPPowerRequest, TdiCopyMdlChainToMdlChain, TdiInitialize, TdiDeregisterPnPHandlers, TdiRegisterPnPHandlers, CTEScheduleEvent, TdiCopyBufferToMdl, CTERemoveBlockTracker, CTEInsertBlockTracker, TdiMapUserRequest, TdiCopyBufferToMdlWithReservedMappingAtDpcLevel<br><br>( 31 exports ) <br>ARPRcv, ARPRcvPacket, FreeIprBuff, GetIFAndLink, IPAddInterface, IPAllocBuff, IPDelInterface, IPDelayedNdisReEnumerateBindings, IPDeregisterARP, IPDisableSniffer, IPEnableSniffer, IPFreeBuff, IPGetAddrType, IPGetBestInterface, IPGetInfo, IPInjectPkt, IPProxyNdisRequest, IPRcvComplete, IPRcvPacket, IPRegisterARP, IPRegisterProtocol, IPSetIPSecStatus, IPTransmit, LookupRoute, LookupRouteInformation, LookupRouteInformationWithBuffer, SendICMPErr, SetIPSecPtr, UnSetIPSecPtr, UnSetIPSecSendPtr, tcpxsum<br>